US20220358208A1 - Systems and methods for enabling accelerator-based secure execution zones
- Publication number
- US20220358208A1 (application US17/313,873)
- Authority
- US
- United States
- Prior art keywords
- processor
- memory
- physical
- accelerator
- result
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
- G06F21/53—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F13/00—Interconnection of, or transfer of information or other signals between, memories, input/output devices or central processing units
- G06F13/14—Handling requests for interconnection or transfer
- G06F13/20—Handling requests for interconnection or transfer for access to input/output bus
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F13/00—Interconnection of, or transfer of information or other signals between, memories, input/output devices or central processing units
- G06F13/38—Information transfer, e.g. on bus
- G06F13/382—Information transfer, e.g. on bus using universal interface adapter
- G06F13/385—Information transfer, e.g. on bus using universal interface adapter for adaptation of a particular data processing system to different peripheral devices
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F13/00—Interconnection of, or transfer of information or other signals between, memories, input/output devices or central processing units
- G06F13/38—Information transfer, e.g. on bus
- G06F13/40—Bus structure
- G06F13/4004—Coupling between buses
- G06F13/4027—Coupling between buses using bus bridges
- G06F13/4045—Coupling between buses using bus bridges where the bus bridge performs an extender function
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F13/00—Interconnection of, or transfer of information or other signals between, memories, input/output devices or central processing units
- G06F13/38—Information transfer, e.g. on bus
- G06F13/40—Bus structure
- G06F13/4004—Coupling between buses
- G06F13/4027—Coupling between buses using bus bridges
- G06F13/405—Coupling between buses using bus bridges where the bridge performs a synchronising function
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F13/00—Interconnection of, or transfer of information or other signals between, memories, input/output devices or central processing units
- G06F13/38—Information transfer, e.g. on bus
- G06F13/42—Bus transfer protocol, e.g. handshake; Synchronisation
- G06F13/4282—Bus transfer protocol, e.g. handshake; Synchronisation on a serial bus, e.g. I2C bus, SPI bus
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/575—Secure boot
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/606—Protecting data by securing the transmission between two devices or processes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/78—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
- G06F21/79—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in semiconductor storage media, e.g. directly-addressable memories
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
- G06F3/06—Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
- G06F3/0601—Interfaces specially adapted for storage systems
- G06F3/0602—Interfaces specially adapted for storage systems specifically adapted to achieve a particular effect
- G06F3/062—Securing storage systems
- G06F3/0622—Securing storage systems in relation to access
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
- G06F3/06—Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
- G06F3/0601—Interfaces specially adapted for storage systems
- G06F3/0628—Interfaces specially adapted for storage systems making use of a particular technique
- G06F3/0629—Configuration or reconfiguration of storage systems
- G06F3/0637—Permissions
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
- G06F3/06—Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
- G06F3/0601—Interfaces specially adapted for storage systems
- G06F3/0668—Interfaces specially adapted for storage systems adopting a particular infrastructure
- G06F3/0671—In-line storage system
- G06F3/0673—Single storage device
- G06F3/0679—Non-volatile semiconductor memory device, e.g. flash memory, one time programmable memory [OTP]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/4401—Bootstrapping
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/445—Program loading or initiating
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/03—Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
- G06F2221/033—Test or assess software
Definitions
- FIG. 1 is a block diagram of an exemplary system including an exemplary accelerator device.
- FIG. 2 is a block diagram of portions of an exemplary compute express link system.
- FIG. 3 is a block diagram of portions of an exemplary compute express link system.
- FIG. 4 is a block diagram of an exemplary coherent memory space and corresponding exemplary address mappings.
- FIG. 5 is a block diagram of an exemplary accelerator including an exemplary accelerator-based secure execution zone.
- FIG. 6 is a block diagram of exemplary securing elements for enabling accelerator-based secure execution zones.
- FIG. 7 is a flow diagram of an exemplary method for enabling accelerator-based secure execution zones.
- FIG. 8 is a diagram of an exemplary data flow for executing a sensitive application within an accelerator-based secure execution zone and providing a result to an external requester.
- FIG. 9 is a diagram of an exemplary data flow for processing data received from an external processor using a sensitive application hosted within an accelerator-based secure execution zone and providing a result to the external requester.
- Recent extensions to general-purpose processors have provided hardware support for secure application execution and data management in shared-resource environments.
- Some conventional general-purpose processors may allow a user-mode application to create a protected region, often referred to as a “secure enclave,” within the application's address space and may provide, in some instances, hardware-enforced confidentiality and integrity protection for sensitive data and executable code against potentially malicious privileged code executing on the same general-purpose processor.
- An accelerator (e.g., a compute-express-link accelerator) may include (1) an expansion-bus interface for connecting the accelerator to one or more remote processors (e.g., remote general-purpose processors or other task-specific accelerators), (2) an expansion-bus protocol processor capable of communicating with the remote processors, and (3) one or more isolated secure execution zones.
- Each of an accelerator's isolated secure execution zones may include its own processing and storage resources that are neither shared with nor accessible from outside the secure execution zone (i.e., not shared with the accelerator's local protocol processor or with any remote processor connected to the accelerator's expansion-bus interface).
- Embodiments of the present disclosure may protect the integrity and confidentiality of a sensitive application and its sensitive data while also enabling remote processors to access results of executing the sensitive application.
- The disclosed accelerator-based secure execution zones may enable a third party's sensitive application to be executed within a partner's system in a way that prevents the partner from accessing the sensitive application and/or any of its sensitive data, which may enable partners to share intellectual property, trade secrets, proprietary algorithms, machine-learning models, and the like.
- The disclosed secure execution zones may provide significantly reduced attack surfaces for sensitive applications and data residing therein, especially when compared to the conventional general-purpose secure enclave technologies mentioned above.
- Embodiments of the present disclosure may significantly increase the surface area and/or the number of intermediate systems that must be attacked and successfully compromised before the disclosed accelerator-based secure execution zones are ever reached.
- FIG. 1 is a block diagram of an exemplary heterogeneous system 100 having an exemplary accelerator-based secure execution zone 118.
- System 100 may include one or more host processor(s) 102 (e.g., host central processing units (CPUs)) directly attached to a host-connected memory 104 via a memory bus 106, and an accelerator 108 (e.g., a task-specific accelerator, a storage accelerator, or a memory expander) directly attached to a device-connected memory 110 via a memory bus 112.
- Host processor(s) 102 and accelerator 108 may be interconnected through an expansion bus 116.
- Host processor(s) 102 may read and write data directly to host-connected memory 104 through memory bus 106 and indirectly to device-connected memory 110 through expansion bus 116.
- Accelerator 108 may read and write data directly to device-connected memory 110 through memory bus 112 and indirectly to host-connected memory 104 through expansion bus 116.
- Host processor(s) 102, accelerator 108, and/or any number of additional devices within system 100 may reference and/or access memory locations contained in host-connected memory 104 and device-connected memory 110 using a coherent memory space or address space (e.g., coherent memory space 410 illustrated in FIG. 4) that includes one or more host address ranges mapped to cacheable memory locations contained in host-connected memory 104 and/or one or more address ranges mapped to cacheable memory locations contained in device-connected memory 110.
- Accelerator 108 may include a processor 114 for managing communications over expansion bus 116, performing task-specific acceleration tasks on data stored to device-connected memory 110, and/or managing any read and write operations to device-connected memory 110 and/or host-connected memory 104 that are made through expansion bus 116.
- Processor 114 may manage communications and data transmissions between host processor(s) 102 and secure execution zone 118 made via expansion bus 116. Additionally or alternatively, processor 114 may manage communications and data transmissions between secure execution zone 118 and device-connected memory 110 made via memory bus 112.
- Examples of processor 114 include, without limitation, microprocessors, microcontrollers, Central Processing Units (CPUs), Digital Signal Processors (DSPs), Field-Programmable Gate Arrays (FPGAs), Application-Specific Integrated Circuits (ASICs), portions of one or more of the same, variations or combinations of one or more of the same, or any other suitable physical processor.
- Accelerator 108 may include one or more secure execution zones for enabling sensitive applications to expose one or more results of secretly processing one or more of (1) sensitive data stored within the secure execution zones, (2) data received over expansion bus 116, and/or (3) data stored to device-connected memory 110.
- Accelerator 108 may include a secure execution zone 118 for enabling a sensitive application 120 to provide host processor(s) 102 with a result 122 of (1) secretly processing sensitive data stored within secure execution zone 118, (2) secretly processing data received over expansion bus 116, and/or (3) secretly processing data stored to device-connected memory 110.
- Host processor(s) 102 may use expansion bus 116 to access results produced within secure execution zone 118 and/or to provide data to be processed within secure execution zone 118.
- Host-connected memory 104 and/or device-connected memory 110 may represent any type or form of memory capable of storing cacheable data. Examples of host-connected memory 104 and/or device-connected memory 110 include, without limitation, Dynamic Randomly Addressable Memory (DRAM), Static Randomly Addressable Memory (SRAM), High Bandwidth Memory (HBM), cache memory, volatile memory, non-volatile memory (e.g., Flash memory), or any other suitable form of computer memory.
- Memory bus 106 and/or memory bus 112 may represent any internal memory bus suitable for interfacing with host-connected memory 104 and/or device-connected memory 110.
- Examples of memory bus 106 and/or memory bus 112 include, without limitation, Double Data Rate (DDR) buses (e.g., Low Power DDR buses), Serial ATA (SATA) buses, Serial Attached SCSI (SAS) buses, High Bandwidth Memory (HBM) buses, Peripheral Component Interconnect Express (PCIe) buses, and the like.
- Expansion bus 116 may represent any high-bandwidth and/or low-latency chip-to-chip interconnect, external bus, or expansion bus.
- Expansion bus 116 may provide connectivity (e.g., I/O, coherence, and/or memory semantics) between host processor(s) 102 and external devices or packages such as caching devices, workload accelerators (e.g., Graphics Processing Unit (GPU) devices, Field-Programmable Gate Array (FPGA) devices, Application-Specific Integrated Circuit (ASIC) devices, machine learning accelerators, tensor and vector processor units, etc.), memory expanders, and memory buffers.
- Expansion bus 116 may include a standardized interconnect (e.g., a Peripheral Component Interconnect Express (PCIe) bus), a proprietary interconnect, or some combination thereof.
- Expansion bus 116 may include a Compute eXpress Link (CXL) interconnect such as those illustrated in FIGS. 2 and 3.
- Example system 100 in FIG. 1 may be implemented in a variety of ways. For example, all or a portion of example system 100 may represent portions of an example system 200 in FIG. 2.
- System 200 may include a host processor 210 connected to a CXL accelerator 220 via a compute express link 230.
- Host processor 210 may be directly connected to a host memory 240 via an internal memory bus.
- CXL accelerator 220 may be directly connected to a device memory 250 via an internal memory bus.
- The internal components of host processor 210 may communicate over compute express link 230 with the internal components of CXL accelerator 220 using one or more CXL protocols (e.g., a memory protocol 232, a caching protocol 234, and/or an I/O protocol 236) that are multiplexed by multiplexing logic 212 and 222.
- Host processor 210 may include one or more processing core(s) 216 that are capable of accessing and caching data stored to host memory 240 and device memory 250 via coherence/cache logic 214.
- Host processor 210 may also include an I/O device 219 that is capable of communication over compute express link 230 via PCIe logic 218.
- Host processor 210 may include a root complex 310 (e.g., a PCIe-compatible root complex) that connects one or more of cores 216 to host memory 240 and device memory 250.
- Root complex 310 may include a memory controller 312 for managing read and write operations to host memory 240, a home agent 314 for performing translations between physical, channel, and/or system memory addresses, and a coherency bridge 316 for resolving system-wide coherency for a given host address.
- CXL accelerator 220 may include device logic 224 for performing memory and CXL protocol tasks.
- Device logic 224 may include one or more secure execution zones and a memory controller 322 that manages read and write operations to device memory 250 (e.g., as shown in FIG. 3).
- CXL accelerator 220 may include a coherent cache 324 for caching host-managed data (e.g., data stored to host memory 240 or device memory 250).
- FIG. 4 illustrates an exemplary coherent memory space 410 having host addresses 412(1)-(Z) that have been mapped to (1) physical memory locations of host physical memory 104 and (2) physical memory locations of device physical memory 110.
- A memory range 413 of coherent memory space 410 may be mapped to memory locations 419(1)-(N) of host physical memory 104.
- A memory range 415 of coherent memory space 410 may be mapped to memory locations 422(1)-(N) of device physical memory 110 (e.g., memory region 522 in FIG.
- A memory range 417 of coherent memory space 410 may be mapped to memory locations 422(Z-Y)-(Z) of device physical memory 110 (e.g., memory region 524 in FIG. 5).
- Host processors or accelerators that share access to coherent memory space 410 may read or write data to host physical memory 104 by accessing the host addresses in memory range 413.
- Host processors or accelerators that share access to coherent memory space 410 may read or write data to device physical memory 110 by accessing the host addresses in either of memory ranges 415 or 417.
- Host processors or accelerators that share access to coherent memory space 410 may use host addresses of coherent memory space 410 to reference and/or access the outputs of the secure execution zones disclosed herein.
- Accelerator 108 may include one or more secure execution zones for secretly executing sensitive applications and/or secretly processing sensitive data within heterogeneous systems.
- FIG. 5 is an illustration of an exemplary configuration of accelerator 108 having a single secure execution zone 118.
- Secure execution zone 118 may include one or more processors (e.g., a processor 500), one or more volatile memories (e.g., a volatile memory 502), and/or one or more non-volatile memories (e.g., a read-only memory 504).
- Read-only memory 504 may store some or all of sensitive application 120 (e.g., as sensitive code 508 and/or sensitive data 510).
- Volatile memory 502 may store some or all of sensitive application 120 (e.g., as sensitive code 512 and/or sensitive data 514). In some embodiments, volatile memory 502 may store result 122 of executing sensitive application 120 within secure execution zone 118. Volatile memory 502 may represent any type or form of memory (e.g., Static Randomly Addressable Memory (SRAM)) that loses data when shut down or after losing power. As such, sensitive code 512 and sensitive data 514 may represent code and data that processor 500 loads from read-only memory 504 on a restart of accelerator 108.
- Volatile memory 502 and read-only memory 504 may be physically accessible to processors within secure execution zone 118 (e.g., processor 500) but physically inaccessible to processors outside of secure execution zone 118 (e.g., processor 114 and/or host processor(s) 102).
- Processor 500 may have sole access to memories 502 and 504. Additionally or alternatively, processor 500 may have (e.g., via one or more of securing elements 501, 503, and/or 505) sole access to some or all of the sensitive information stored to memories 502 and 504.
- Processor 114 may provide processor 500 and/or sensitive application 120 with access to a private region 518 of device-connected memory 110 to which sensitive application 120 may securely store (e.g., using encryption) data that will be secretly processed within secure execution zone 118.
- Processor 500 may be configured to expose result 122 of processing sensitive application 120 to processor 114 and/or host processor(s) 102 using a hash map, a secure communication channel, a secure entry point (e.g., one or more registers accessible to both processor 500 and processor 114), and/or a memory region 516 of device-connected memory 110.
- Processor 114 may be configured to relay results of executing sensitive application 120 from processor 500 to host processor(s) 102 via an expansion-bus interface 506.
- Processor 114 may be configured to relay result 122 of executing application 120 from processor 500 to device-connected memory 110 (e.g., memory region 516) and later relay result 122 from device-connected memory 110 to host processor(s) 102.
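The isolation described for FIGS. 4 and 5 above, as an added example that is not part of the patent: a small Python model in which coherent memory space 410 resolves host addresses onto host memory 104 and device memory 110, while ROM 504 and volatile memory 502 of zone 118 have no host address at all, so result 122 is reachable through memory region 516 but the zone's code and data are not. The memory layout, the keys, the keystream cipher and the weighted-score application are assumptions.

```python
"""Model of FIGS. 1, 4 and 5 of this patent: coherent memory space 410 (ranges 413/415/417
over host memory 104 and device memory 110) and a secure execution zone 118 whose ROM 504
and volatile memory 502 have no host address at all. Constructed illustration, not the
patent's code: layout, keys, the keystream cipher and the scoring application are assumed."""
import hashlib
import hmac
import json
import struct

PROCESSOR_500, PROCESSOR_114, HOST_102 = "processor_500", "processor_114", "host_102"

# Assumed layout of device-connected memory 110 (byte offsets).
REGION_516 = (0x000, 0x100)   # result 122 is exposed here (FIG. 5)
REGION_518 = (0x100, 0x200)   # private region: zone 118 keeps its data here encrypted

# Coherent memory space 410: (range, host base, size, backing memory, physical base).
RANGES = [
    ("413", 0x0000, 0x1000, "host_104", 0x0),
    ("415", 0x1000, 0x0100, "device_110", REGION_516[0]),
    ("417", 0x1100, 0x0100, "device_110", REGION_518[0]),
]

def resolve(host_addr):
    """Map a host address of space 410 to (backing memory, physical offset); 502/504 are absent."""
    for _name, base, size, backing, phys in RANGES:
        if base <= host_addr < base + size:
            return backing, phys + (host_addr - base)
    raise ValueError(f"host address {host_addr:#x} is not mapped in space 410")

def keystream_xor(key, nonce, data):
    """Toy confidentiality element: HMAC-SHA256 counter keystream (stand-in for a real AEAD)."""
    out = bytearray()
    for off in range(0, len(data), 32):
        ks = hmac.new(key, nonce + struct.pack(">I", off // 32), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], ks))
    return bytes(out)

class SecureExecutionZone:
    """Zone 118: processor 500 has sole access to ROM 504 and volatile memory 502."""
    def __init__(self, rom_504, rom_key, data_key):
        self._rom_504 = rom_504     # sensitive code/data 508/510, stored encrypted
        self._rom_key = rom_key     # held only by processor 500
        self._data_key = data_key   # key for data the zone parks in private region 518
        self._sram_502 = None       # sensitive code/data 512/514 and result 122
        self.restart()

    def power_loss(self):
        self._sram_502 = None       # SRAM 502 loses its contents without power

    def restart(self):
        """On a restart of accelerator 108, processor 500 reloads 512/514 from ROM 504."""
        self._sram_502 = json.loads(keystream_xor(self._rom_key, b"rom504", self._rom_504))

    def memory(self, requester, name):
        """Physical access rule of FIG. 5: processors outside the zone have no path to 502/504."""
        if requester != PROCESSOR_500:
            raise PermissionError(f"{requester} has no physical path to memory {name}")
        return self._sram_502 if name == "502" else self._rom_504

    def execute(self, inputs, private_region_518):
        """Sensitive application 120: park the inputs encrypted in region 518, then score them."""
        if self._sram_502 is None:
            raise RuntimeError("volatile memory 502 is empty: restart required")
        blob = keystream_xor(self._data_key, b"region518", json.dumps(inputs).encode())
        private_region_518[:len(blob)] = blob          # only the zone can decrypt this copy
        stored = json.loads(keystream_xor(self._data_key, b"region518", bytes(private_region_518[:len(blob)])))
        weights = self.memory(PROCESSOR_500, "502")["weights_514"]
        score = sum(w * x for w, x in zip(weights, stored))
        self._sram_502["result_122"] = score
        return struct.pack(">d", score)

class Accelerator:
    """Accelerator 108: protocol processor 114, device memory 110 and zone 118."""
    def __init__(self, zone):
        self.zone = zone
        self.device_110 = bytearray(0x200)

    def process_request(self, inputs):
        """Processor 114 relays data from expansion bus 116 into the zone and result 122 to region 516."""
        region_518 = memoryview(self.device_110)[REGION_518[0]:REGION_518[1]]
        result = self.zone.execute(inputs, region_518)
        self.device_110[REGION_516[0]:REGION_516[0] + len(result)] = result

    def read(self, host_addr, length):
        """Host 102 or processor 114 reads device memory 110 through ranges 415/417 of space 410."""
        backing, phys = resolve(host_addr)
        assert backing == "device_110", "host memory 104 is not modelled here"
        return bytes(self.device_110[phys:phys + length])

def build_system():
    """Assemble the model with constructed keys and weights (not values from the patent)."""
    rom_key = hashlib.sha256(b"assumed processor-500 key").digest()
    data_key = hashlib.sha256(b"assumed zone-118 data key").digest()
    image = json.dumps({"code_512": "weighted-score", "weights_514": [0.5, -1.0, 2.0]}).encode()
    return Accelerator(SecureExecutionZone(keystream_xor(rom_key, b"rom504", image), rom_key, data_key))

def host_read_result(acc):
    """Host 102 reads result 122 through range 415 of coherent memory space 410."""
    return struct.unpack(">d", acc.read(0x1000, 8))[0]
```

Reading range 417 from the host yields only the ciphertext the zone parked in private region 518, and a read of memory 502 from any requester other than processor 500 is refused, which is the property the rest of the description builds on.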
- Processor 500 may represent any physical processor configured to (1) ensure the confidentiality and/or integrity of sensitive application 120 and/or the data of sensitive application 120 before, during, and/or after execution of sensitive application 120 within secure execution zone 118 and also (2) expose result 122 of executing sensitive application 120 to processors located outside of secure execution zone 118 (e.g., host processor(s) 102 and/or processor 114). Processor 500 may ensure the confidentiality of secure code 508 and 512 and secure data 510 and 514 by preventing disclosure of secure code 508 and 512 and secure data 510 and 514 outside of secure execution zone 118.
- Processor 500 may ensure the integrity of secure code 508 and 512 and secure data 510 and 514 by preventing unauthorized modification and/or execution of secure code 508 and 512 and secure data 510 and 514.
- Examples of processor 500 include, without limitation, microprocessors, microcontrollers, Central Processing Units (CPUs), Digital Signal Processors (DSPs), Field-Programmable Gate Arrays (FPGAs), Application-Specific Integrated Circuits (ASICs), portions of one or more of the same, variations or combinations of one or more of the same, or any other suitable physical processor.
- Processor 500 may be Instruction Set Architecture (ISA) agnostic.
- Processor 500 may be a physical processor based on a Reduced Instruction Set Computer (RISC) architecture (e.g., a RISC-V processor).
- Processor 500 may be uniquely configured to execute one or more sensitive applications.
- Processor 500 may represent a processor that incorporates and/or has access to specialized instructions and/or other specialized features (e.g., hash functions and/or cryptographic keys) for executing sensitive applications.
- Processor 500 may be specialized to ensure the confidentiality and/or integrity of only sensitive application 120.
- Processor 500 may represent a processor uniquely configured for one or more entities and specialized for executing third-party sensitive applications within the one or more entities' systems. Additionally or alternatively, processor 500 may represent a processor uniquely configured for one or more entities and specialized for executing the one or more entities' sensitive applications within third-party systems.
- some or all of the components contained in secure execution zone 118 may include one or more securing elements (e.g., securing elements 501 , 503 , and 505 ) for ensuring the confidentiality and/or integrity of sensitive application 120 and/or its data before, during, and/or after execution and enabling results of executing sensitive application 120 to be exposed to processors located outside of secure execution zone 118 .
- the disclosed systems may use these securing elements to establish mutual trust. Additionally or alternatively, these securing elements may collectively provide a trusted execution environment for a sensitive application 120 .
- securing elements 600 may include one or more authentication elements 602, one or more confidentiality elements 604, one or more identification elements 606, one or more integrity elements 608, one or more measurement elements 610, one or more authorization elements 612, one or more reporting elements 614, one or more verification elements 616, one or more hash maps 618, one or more hash-map instructions 620, one or more cryptographic keys 622, and/or one or more trusted platform modules 624. Some or all of securing elements 600 may be unique to a particular sensitive application and/or secure execution zone. In some embodiments, one or more of securing elements 600 may act as a hardware- or software-based root of trust for sensitive applications executing within secure execution zone 118 and/or any external applications that interact with the sensitive applications.
- authentication elements 602 may provide one or more authentication functions or services to sensitive application 120, processor 500, processor 114, and/or host processor(s) 102.
- authentication elements 602 may include one or more authentication credentials that may be used for performing access control associated with result 122 and/or for authorizing access to result 122 for processor 114 and/or host processor(s) 102.
- confidentiality elements 604 may provide one or more confidentiality functions or services to sensitive application 120, processor 500, processor 114, and/or host processor(s) 102.
- confidentiality elements 604 may include secret keys and/or passwords for encrypting/decrypting data stored within secure execution zone 118.
- processor 500 may include a secret key and/or password for decrypting data read from read only memory 504.
- identification elements 606 may provide one or more identification functions or services to sensitive application 120, processor 500, processor 114, and/or host processor(s) 102.
- identification elements 606 may include one or more secret values (e.g., a symmetric key, an asymmetric private key, an identity key, an endorsement key, etc.) for establishing the identity of sensitive application 120, processor 500, processor 114, and/or host processor(s) 102.
- identification elements 606 may include a one-time programmable memory (e.g., a one-time programmable fuse) for storing keys and other cryptographic assets.
- integrity elements 608 may provide one or more integrity functions or services to sensitive application 120, processor 500, processor 114, and/or host processor(s) 102.
- integrity elements 608 may include authorization values, public keys, and/or public key certificates for performing attestation operations.
- measurement elements 610 may provide one or more measurement functions or services to sensitive application 120, processor 500, processor 114, and/or host processor(s) 102.
- measurement elements 610 may include cryptographic hash functions for calculating the hashes of code and/or data that may be used to perform integrity, verification, and/or trust-establishing operations.
- authorization elements 612 may provide one or more authorization functions or services to sensitive application 120, processor 500, processor 114, and/or host processor(s) 102.
- authorization elements 612 may include authorization tokens that may be provided by processor 114 and/or host processor(s) 102 and used by processor 500 to perform access control measures associated with result 122.
- reporting elements 614 may provide one or more reporting functions or services to sensitive application 120, processor 500, processor 114, and/or host processor(s) 102.
- reporting elements 614 may provide platform characteristics to sensitive application 120 that have been authenticated by processor 500.
- verification elements 616 may provide one or more verification functions or services to sensitive application 120, processor 500, processor 114, and/or host processor(s) 102.
- verification elements 616 may enable sensitive application 120, processor 500, processor 114, and/or host processor(s) 102 to verify the integrity and/or authenticity of code, data, and/or public keys.
- verification elements 616 may be used to perform verification checks on code read from read only memory 504 before the code is executed by processor 500.
- verification elements 616 may include a read only memory bootloader stored to read only memory 504 that may be used to verify a signature of the next bootloader or software image in a chain of trust before passing control of processor 500 to the next bootloader or software image.
- hash maps 618 may map hashes (e.g., access tokens) to results of executing sensitive application 120 (e.g., result 122).
- processor 500 may use hash maps 618 to expose the results outside of secure execution zone 118 and/or to control access to the results.
- hash-map instructions 620 may include specialized instructions for accessing and/or initiating hash maps 618.
- FIG. 7 is a flow diagram of an exemplary computer-implemented method 700 for executing a sensitive application within an accelerator-based secure execution zone and then providing a result to an external processor.
- the steps shown in FIG. 7 may be performed by any suitable computer-executable code and/or computing system, including the system(s) illustrated in FIGS. 1, 2, 3, and 5.
- each of the steps shown in FIG. 7 may represent an algorithm whose structure includes and/or is represented by multiple sub-steps, examples of which will be provided in greater detail below.
- a first internal physical processor of one of the accelerators described herein may receive, from an external processor, a request to access a result of executing a sensitive application within a secure execution zone.
- processor 114 may receive, from host processor 102 via expansion bus 116, a request to access result 122 of executing sensitive application 120 within secure execution zone 118.
- a request to access a result of executing a sensitive application within a secure execution zone may include an address (e.g., a host address in coherent memory space 410) or another identifier (e.g., a hash) mapped to the result and/or to a location where the result can be accessed (e.g., as shown in FIG. 8).
- a request may include data to be processed by a sensitive application executing within a secure execution zone (e.g., as shown in FIG. 9).
- processor 114 may relay the data to secure execution zone 118.
- a second internal physical processor within the secure execution zone may execute the sensitive application to generate the result.
- processor 500 of secure execution zone 118 may execute sensitive code 508 and/or 512 within secure execution zone 118 to generate result 122.
- the second internal physical processor may make the result accessible outside of the secure execution zone.
- processor 500 of secure execution zone 118 may make result 122 accessible to processor 114 and/or host processor(s) 102 located outside of secure execution zone 118.
- the first internal physical processor may relay the result to the external processor.
- processor 114 may relay result 122 to host processor(s) 102 via expansion bus 116.
- FIG. 8 is a diagram of an exemplary data flow that may occur when the disclosed systems execute a sensitive application within an accelerator-based secure execution zone and then provide a result to an external requester.
- a requester 802 (e.g., a host processor, core, or thread)
- Result 810 may be a result of processing data 808 within secure execution zone 118.
- processor 114 may have facilitated access to data 808.
- request 804 may include an address 806 that may be used to access result 810.
- processor 114 may use address 806 to request result 810 from processor 500.
- address 806 may be mapped to a physical address within memory 110.
- processor 500 may write result 810 to the physical address, and processor 114 may translate address 806 to identify the physical location before retrieving result 810 from memory 110. After retrieving result 810 from either secure execution zone 118 or memory 110, processor 114 may then relay result 810 to requester 802 via a response 812, as shown.
- FIG. 9 is a diagram of an exemplary data flow that may occur when the disclosed systems process data received from an external processor using a sensitive application hosted within an accelerator-based secure execution zone and then provide a result to the external requester.
- a requester 902 (e.g., a host processor, core, or thread)
- processor 114 may relay data 906 directly to processor 500 in secure execution zone 118.
- processor 114 may store data 906 to memory 110 for later retrieval by processor 500 from secure execution zone 118.
- processor 114 may facilitate access to data 906.
- processor 500 may, after producing result 908 from data 906, provide result 908 to processor 114 for transmission to requester 902.
- processor 500 may write result 908 to a physical address within memory 110 from which processor 114 may retrieve result 908. After retrieving result 908 from either secure execution zone 118 or memory 110, processor 114 may then relay result 908 to requester 902 via a response 910, as shown.
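The securing elements above (hash maps 618 and authorization elements 612), method 700 of FIG. 7, and the two data flows of FIGS. 8 and 9 can be walked through as one small model. The Python below is an added example, not code from the patent: it assumes constructed names (SecureExecutionZone standing in for zone 118, ProtocolProcessor for processor 114, HOST_BASE/PHYS_BASE/MEM_SIZE for the FIG. 4 mapping of memory 110 into coherent memory space) and a toy linear classifier standing in for sensitive application 120.

```python
"""Toy model of the result-exposure flow in FIGS. 7-9 (constructed example)."""
import hashlib
import secrets
from typing import Dict, Optional, Sequence, Tuple

# Constructed values: where device-connected memory 110 appears in coherent memory space 410.
HOST_BASE = 0x4000_0000   # first host address mapped to memory 110
PHYS_BASE = 0x0           # physical address of memory 110 at HOST_BASE
MEM_SIZE = 0x1000         # size of the mapped window, in words


class SecureExecutionZone:
    """Stands in for secure execution zone 118: processor 500 running sensitive
    application 120 against memory that only the zone can read."""

    def __init__(self, weights: Sequence[int], bias: int, protocol_processor: "ProtocolProcessor"):
        # Sensitive data (here a proprietary linear model) never leaves this object.
        self._private_memory = {"weights": list(weights), "bias": bias}
        # hash maps 618: access hash -> (result 122, digest of the token allowed to read it)
        self._hash_map: Dict[str, Tuple[int, bytes]] = {}
        self._pp = protocol_processor  # processor 114 is the zone's only route to the outside

    def _sensitive_application(self, features: Sequence[int]) -> int:
        """Sensitive application 120: classify features with the secret weights."""
        w, b = self._private_memory["weights"], self._private_memory["bias"]
        return 1 if sum(wi * xi for wi, xi in zip(w, features)) + b > 0 else 0

    def process(self, features: Sequence[int], auth_token: bytes) -> str:
        """FIG. 9: run the application and file the result under a fresh access hash.
        The authorization token presented by the requester (authorization elements 612)
        is recorded so that only a holder of that token can later read the result."""
        result = self._sensitive_application(features)
        access_hash = hashlib.sha256(secrets.token_bytes(32)).hexdigest()
        self._hash_map[access_hash] = (result, hashlib.sha256(auth_token).digest())
        return access_hash

    def fetch(self, access_hash: str, auth_token: bytes) -> Optional[int]:
        """Access control performed by processor 500: both the identifier and the
        authorization token must match; anything else looks like 'no such result'."""
        entry = self._hash_map.get(access_hash)
        if entry is None:
            return None
        result, token_digest = entry
        if not secrets.compare_digest(token_digest, hashlib.sha256(auth_token).digest()):
            return None
        return result

    def publish(self, features: Sequence[int], host_addr: int) -> None:
        """Example 13: expose a result by asking processor 114 to write it to a host
        address of coherent memory space; the zone itself never maps memory 110."""
        self._pp.write_host_address(host_addr, self._sensitive_application(features))


class ProtocolProcessor:
    """Stands in for processor 114: it owns device-connected memory 110 and relays
    requests and responses over expansion bus 116, but holds no view of the zone's memory."""

    def __init__(self) -> None:
        self.memory_110: Dict[int, int] = {}   # physical address -> stored word
        self.zone: Optional[SecureExecutionZone] = None

    def translate(self, host_addr: int) -> int:
        """Coherent memory space 410: host address -> physical address in memory 110."""
        if not HOST_BASE <= host_addr < HOST_BASE + MEM_SIZE:
            raise ValueError("host address not mapped to device-connected memory")
        return host_addr - HOST_BASE + PHYS_BASE

    def write_host_address(self, host_addr: int, value: int) -> None:
        self.memory_110[self.translate(host_addr)] = value

    def handle(self, request: dict) -> dict:
        """Method 700 as seen by processor 114: receive the request from the external
        processor, relay it to the zone or to memory 110, relay the result back."""
        kind = request.get("kind")
        if kind == "process":            # FIG. 9: data 906 in, identifier for result 908 out
            return {"access_hash": self.zone.process(request["data"], request["auth_token"])}
        if kind == "read_hash":          # FIG. 8 with a hash identifier mapped to the result
            result = self.zone.fetch(request["access_hash"], request["auth_token"])
            return {"result": result} if result is not None else {"error": "denied"}
        if kind == "read_addr":          # FIG. 8 with address 806 in coherent memory space
            try:
                return {"result": self.memory_110.get(self.translate(request["address"]))}
            except ValueError:
                return {"error": "bad address"}
        return {"error": "unsupported request"}


def build_system(weights: Sequence[int], bias: int) -> ProtocolProcessor:
    """Wire processor 114 to a zone holding the given (secret) model."""
    pp = ProtocolProcessor()
    pp.zone = SecureExecutionZone(weights, bias, pp)
    return pp


if __name__ == "__main__":
    pp = build_system([2, -1, 1], -3)
    ident = pp.handle({"kind": "process", "data": [3, 1, 1], "auth_token": b"tok"})["access_hash"]
    print(pp.handle({"kind": "read_hash", "access_hash": ident, "auth_token": b"tok"}))
```

Note that the host only ever sees an opaque identifier, a 0/1 result, or a denial; the weights in the zone's private memory are never returned on either path.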
- embodiments of the present disclosure may protect the integrity and confidentiality of a sensitive application and its sensitive data while also enabling remote processors to access results of executing the sensitive application.
- the disclosed accelerator-based secure execution zones may enable a third party's sensitive application to be executed within a partner's system in a way that prevents the partner from discovering how the sensitive application operates, which may enable partners to share intellectual property, trade secrets, proprietary algorithms, machine-learning models, and the like.
- Example 1 An accelerator including (1) an expansion-bus interface, (2) one or more internal physical processors adapted to communicate with an external processor via the expansion-bus interface, and (3) a secure execution zone having (a) at least one additional internal physical processor adapted to execute a sensitive application within the secure execution zone and make a result of executing the sensitive application accessible to the external processor via the expansion-bus interface and (b) physical memory storing the sensitive application.
- the physical memory may be accessible to the additional internal physical processor and inaccessible to the external processor and the one or more internal physical processors.
- Example 2 The accelerator of Example 1, wherein (1) the physical memory is volatile memory, (2) the secure execution zone further includes read only memory, (3) the read only memory stores executable instructions of the sensitive application, and (4) the additional internal physical processor is further adapted to load the executable instructions of the sensitive application into the volatile memory as part of a secure boot procedure.
- Example 3 The accelerator of any of Examples 1 and 2, wherein the read only memory further stores one or more securing elements necessary for making the result accessible to the external processor.
- Example 4 The accelerator of any of Examples 1-3, wherein (1) the one or more securing elements include a hashing function for generating a hash map, and (2) the result is made accessible to the external processor via the hash map.
- Example 5 The accelerator of any of Examples 1-4, wherein the additional internal physical processor includes at least one securing element, that is necessary for accessing the executable instructions of the sensitive application stored to the read only memory, that differs from elements of one or more of the external processor and the one or more internal physical processors.
- Example 6 The accelerator of any of Examples 1-5, wherein the read only memory further includes a secure bootloader for loading the sensitive application from the read only memory into the volatile memory.
- Example 7 The accelerator of any of Examples 1-6, wherein the additional internal physical processor is further adapted to act as a root of trust in a secure boot procedure.
- Example 8 The accelerator of any of Examples 1-7, wherein the additional internal physical processor is further adapted to establish trust between the sensitive application and the additional internal physical processor.
- Example 9 The accelerator of any of Examples 1-8, wherein the additional internal physical processor is further adapted to establish trust between the sensitive application and one or more of the external processor and the one or more internal physical processors.
- Example 10 The accelerator of any of Examples 1-9, wherein the additional internal physical processor is further adapted to (1) receive, from the one or more internal physical processors via a secure communication channel, a request to access the result and (2) transmit, in response to the request, the result to the one or more internal physical processors over the secure communication channel.
- Example 11 The accelerator of any of Examples 1-10, wherein the one or more internal physical processors are further adapted to (1) receive, from the external processor via the expansion-bus interface, a request to access the result and (2) transmit, in response to the request, the result to the external processor via the expansion-bus interface.
- Example 12 The accelerator of any of Examples 1-11, wherein (1) the expansion-bus interface is adapted to connect to a cache-coherent interconnect, (2) the accelerator further includes additional physical memory accessible to the external processor via the cache-coherent interconnect, addresses of the additional physical memory being mapped to a coherent memory space of the external processor, (3) the additional internal physical processor is adapted to make the result of executing the sensitive application accessible to the external processor by writing the result to a physical address of the additional physical memory accessible to the external processor, and (4) the one or more internal physical processors are further adapted to (a) receive, via the cache-coherent interconnect, a request to access a host address of the coherent memory space corresponding to the physical address and (b) respond to the request by accessing the result from the physical address of the additional physical memory corresponding to the host address.
- Example 13 The accelerator of any of Examples 1-12, wherein the additional internal physical processor is adapted to write the result to the physical address of the additional physical memory by transmitting, to the one or more internal physical processors, a request to write the result to the host address of the coherent memory space corresponding to the physical address.
- Example 14 A computer-implemented method including (1) receiving, by a first internal physical processor of an accelerator from an external processor, a request to access a result of executing a sensitive application within a secure execution zone of the accelerator having a second internal physical processor and physical memory storing the sensitive application, (2) executing, by the second internal physical processor within the secure execution zone of the accelerator, the sensitive application from the physical memory to generate the result, (3) making, by the second internal physical processor, the result accessible outside of the secure execution zone, and (4) relaying, by the first internal physical processor, the result to the external processor.
- the physical memory may be accessible to the second internal physical processor and inaccessible to the first internal physical processor and the external processor.
- Example 15 A storage accelerator including (1) a device-attached physical memory accessible to an external host processor via a cache-coherent interconnect, wherein addresses of the device-attached physical memory are mapped to a coherent memory space of the external host processor, (2) one or more internal physical processors adapted to (a) receive, via the cache-coherent interconnect, a request to access a host address of the coherent memory space and (b) respond to the request by accessing a physical address of the device-attached physical memory corresponding to the host address, and (3) a secure execution zone having at least one additional internal physical processor adapted to execute a sensitive application within the secure execution zone and make a result of executing the sensitive application within the secure execution zone accessible to the external host processor via the cache-coherent interconnect.
- Example 16 The storage accelerator of Example 15, wherein (1) the one or more internal physical processors are further adapted to provision a private region of the coherent memory space of the external host processor for use by the additional internal physical processor, and (2) the additional internal physical processor is further adapted to provide the sensitive application with access to the private region of the coherent memory space of the external host processor.
- Example 17 The storage accelerator of any of Examples 15 and 16, wherein the secure execution zone further includes additional physical memory storing the sensitive application and sensitive data necessary in producing the result, the additional physical memory being accessible to the additional internal physical processor and inaccessible to the external host processor and the one or more internal physical processors.
- Example 18 The storage accelerator of any of Examples 15-17, wherein (1) the additional physical memory is volatile memory, (2) the secure execution zone further includes read only memory, (3) the read only memory stores executable instructions of the sensitive application, and (4) the additional internal physical processor is further adapted to load the executable instructions of the sensitive application into the volatile memory as part of a secure boot procedure.
- Example 19 The storage accelerator of any of Examples 15-18, wherein the read only memory further stores one or more securing elements necessary for making the result accessible to the external processor.
- Example 20 The storage accelerator of any of Examples 15-19, wherein the one or more securing elements include a hashing function for generating a hash map, and the result is made accessible to the external processor by the hash map.
- computing devices and systems described and/or illustrated herein broadly represent any type or form of computing device or system capable of executing computer-readable instructions, such as those contained within the modules described herein.
- these computing device(s) may each include at least one memory device and at least one physical processor.
- the term “memory device” generally refers to any type or form of volatile or non-volatile storage device or medium capable of storing data and/or computer-readable instructions.
- a memory device may store, load, and/or maintain one or more of the modules described herein.
- Examples of memory devices include, without limitation, Random Access Memory (RAM), Read only memory (ROM), flash memory, Hard Disk Drives (HDDs), Solid-State Drives (SSDs), optical disk drives, caches, variations or combinations of one or more of the same, or any other suitable storage memory.
- the term “physical processor” generally refers to any type or form of hardware-implemented processing unit capable of interpreting and/or executing computer-readable instructions.
- a physical processor may access and/or modify one or more modules stored in the above-described memory device.
- Examples of physical processors include, without limitation, microprocessors, microcontrollers, Central Processing Units (CPUs), Field-Programmable Gate Arrays (FPGAs) that implement softcore processors, Application-Specific Integrated Circuits (ASICs), portions of one or more of the same, variations or combinations of one or more of the same, or any other suitable physical processor.
- modules described and/or illustrated herein may represent portions of a single module or application.
- one or more of these modules may represent one or more software applications or programs that, when executed by a computing device, may cause the computing device to perform one or more tasks.
- one or more of the modules described and/or illustrated herein may represent modules stored and configured to run on one or more of the computing devices or systems described and/or illustrated herein.
- One or more of these modules may also represent all or portions of one or more special-purpose computers configured to perform one or more tasks.
- one or more of the modules described herein may transform data, physical devices, and/or representations of physical devices from one form to another.
- one or more of the modules recited herein may receive data to be transformed over a cache-coherent interconnect, secretly process the data within an accelerator-based secure execution zone, output a result of the processing to device-connected memory, and use the result of the processing to respond to future read requests for the result.
- one or more of the modules recited herein may transform a processor, volatile memory, non-volatile memory, and/or any other portion of a physical computing device from one form to another by executing on the computing device, storing data on the computing device, and/or otherwise interacting with the computing device.
- the term “computer-readable medium” generally refers to any form of a device, carrier, or medium capable of storing or carrying computer-readable instructions.
- Examples of computer-readable media include, without limitation, transmission-type media, such as carrier waves, and non-transitory-type media, such as magnetic-storage media (e.g., hard disk drives, tape drives, and floppy disks), optical-storage media (e.g., Compact Disks (CDs), Digital Video Disks (DVDs), and BLU-RAY disks), electronic-storage media (e.g., solid-state drives and flash media), and other distribution systems.
Description
- The accompanying drawings illustrate a number of exemplary embodiments and are a part of the specification. Together with the following description, these drawings demonstrate and explain various principles of the present disclosure.
- FIG. 1 is a block diagram of an exemplary system including an exemplary accelerator device.
- FIG. 2 is a block diagram of portions of an exemplary compute express link system.
- FIG. 3 is a block diagram of portions of an exemplary compute express link system.
- FIG. 4 is a block diagram of an exemplary coherent memory space and corresponding exemplary address mappings.
- FIG. 5 is a block diagram of an exemplary accelerator including an exemplary accelerator-based secure execution zone.
- FIG. 6 is a block diagram of exemplary securing elements for enabling accelerator-based secure execution zones.
- FIG. 7 is a flow diagram of an exemplary method for enabling accelerator-based secure execution zones.
- FIG. 8 is a diagram of an exemplary data flow for executing a sensitive application within an accelerator-based secure execution zone and providing a result to an external requester.
- FIG. 9 is a diagram of an exemplary data flow for processing data received from an external processor using a sensitive application hosted within an accelerator-based secure execution zone and providing a result to the external requester.
- Throughout the drawings, identical reference characters and descriptions indicate similar, but not necessarily identical, elements. While the exemplary embodiments described herein are susceptible to various modifications and alternative forms, specific embodiments have been shown by way of example in the drawings and will be described in detail herein. However, the exemplary embodiments described herein are not intended to be limited to the particular forms disclosed. Rather, the present disclosure covers all modifications, equivalents, and alternatives falling within the scope of the appended claims.
- The demand for handling complex computational and memory intensive workloads (such as those involved in Artificial Intelligence (AI), Machine Learning (ML), analytics, and video/image processing) is expanding at an ever-increasing rate. Computational and memory intensive workloads are increasingly performed in large data centers by heterogeneous processing and memory systems that include general-purpose host processors, task-specific accelerators, and memory expanders that often pool and/or share resources. Within heterogeneous processing and memory systems, it may be highly desirable to secure and/or limit access to sensitive data such as personally identifiable information, financial records, credit card numbers, healthcare information, intellectual property, trade secrets, sensitive applications, proprietary algorithms, machine-learning models, passwords, cryptographic keys, and the like.
- Recent extensions to general-purpose processors have provided hardware support for secure application execution and data management in shared-resource environments. Some conventional general-purpose processors may allow a user-mode application to create a protected region, often referred to as a “secure enclave,” within the application's address space and may provide, in some instances, hardware-enforced confidentiality and integrity protection for sensitive data and executable code against potentially malicious privileged code executing on the same general-purpose processor.
- Unfortunately, conventional heterogeneous processing and memory systems may have attack surfaces that are potentially very large since they often include widely available general-purpose processors with well-known architectures and/or vulnerabilities. For at least this reason, it may be difficult for owners and/or operators of conventional heterogeneous processing and memory systems to ensure the security of sensitive data within their systems. These limitations may be especially problematic for owners and/or operators that wish to host the sensitive applications and/or data of their partners or other third parties. Accordingly, the instant disclosure identifies and addresses a need for additional and improved systems and methods for securing sensitive applications and sensitive data, especially in heterogeneous processing and memory systems.
- This application is generally directed to accelerator-based secure execution zones. In some embodiments, an accelerator (e.g., a compute-express-link accelerator) may include (1) an expansion-bus interface for connecting the accelerator to one or more remote processors (e.g., remote general-purpose processors or other task-specific accelerators), (2) an expansion-bus protocol processor capable of communicating with the remote processors, and (3) one or more isolated secure execution zones. In some embodiments, each of an accelerator's isolated secure execution zones may include its own processing and storage resources that are not shared or accessible outside of the secure execution zone (i.e., not shared with the accelerator's local protocol processor or any remote processor connected to the accelerator's expansion-bus interface).
- Embodiments of the present disclosure may protect the integrity and confidentiality of a sensitive application and its sensitive data while also enabling remote processors to access results of executing the sensitive application. In some embodiments, the disclosed accelerator-based secure execution zones may enable a third party's sensitive application to be executed within a partner's system in a way that prevents the partner from accessing the sensitive application and/or any of its sensitive data, which may enable partners to share intellectual property, trade secrets, proprietary algorithms, machine-learning models, and the like. In addition, the disclosed secure execution zones may provide significantly reduced attack surfaces for sensitive applications and data residing therein, especially when compared to the conventional general-purpose secure enclave technologies mentioned above. Furthermore, by locating the disclosed secure execution zones within accelerators that are separated from the potentially vulnerable general-purpose processors that access them, embodiments of the present disclosure may significantly increase the surface area and/or the number of intermediate systems that must be attacked and successfully compromised before the disclosed accelerator-based secure execution zones are ever reached.
- Features from any of the embodiments described herein may be used in combination with one another in accordance with the general principles described herein. These and other embodiments, features, and advantages will be more fully understood upon reading the following detailed description in conjunction with the accompanying drawings and claims.
- The following will provide, with reference to FIGS. 1-4, detailed descriptions of exemplary heterogeneous systems that may benefit from accelerator-based secure execution zones. With reference to FIGS. 5-6, the following will provide detailed descriptions of exemplary accelerator-based secure execution zones. The discussions corresponding to FIGS. 7-9 will provide detailed descriptions of corresponding methods and data flows.
- FIG. 1 is a block diagram of an exemplary heterogeneous system 100 having an exemplary accelerator-based secure execution zone 118. As shown, system 100 may include one or more host processor(s) 102 (e.g., host central processing units (CPUs)) directly attached to a host-connected memory 104 via a memory bus 106 and an accelerator 108 (e.g., a task-specific accelerator, a storage accelerator, or memory expander) directly attached to a device-connected memory 110 via a memory bus 112. As shown, host processor(s) 102 and accelerator 108 may be interconnected through an expansion bus 116.
- In some embodiments, host processor(s) 102 may read and write data directly to host-connected memory 104 through memory bus 106 and indirectly to device-connected memory 110 through expansion bus 116. Additionally or alternatively, accelerator 108 may read and write data directly to device-connected memory 110 through memory bus 112 and indirectly to host-connected memory 104 through expansion bus 116. In some embodiments, host processor(s) 102, accelerator 108, and/or any number of additional devices within system 100, not illustrated, may reference and/or access memory locations contained in host-connected memory 104 and device-connected memory 110 using a coherent memory space or address space (e.g., coherent memory space 410 illustrated in FIG. 4) that includes one or more host address ranges mapped to cacheable memory locations contained in host-connected memory 104 and/or one or more address ranges mapped to cacheable memory locations contained in device-connected memory 110.
- As shown in FIG. 1, accelerator 108 may include a processor 114 for managing communications over expansion bus 116, performing task-specific acceleration tasks on data stored to device-connected memory 110, and/or managing any read and write operations to device-connected memory 110 and/or host-connected memory 104 that are made through expansion bus 116. In some embodiments, processor 114 may manage communications and data transmissions between host processor(s) 102 and secure execution zone 118 made via expansion bus 116. Additionally or alternatively, processor 114 may manage communications and data transmissions between secure execution zone 118 and device-connected memory 110 made via memory bus 112. Examples of processor 114 include, without limitation, microprocessors, microcontrollers, Central Processing Units (CPUs), Digital signal processors (DSPs), Field-Programmable Gate Arrays (FPGAs), Application-Specific Integrated Circuits (ASICs), portions of one or more of the same, variations or combinations of one or more of the same, or any other suitable physical processor.
- As will be explained in greater detail below in connection with FIGS. 5 and 6, accelerator 108 may include one or more secure execution zones for enabling sensitive applications to expose one or more results of secretly processing one or more of (1) sensitive data stored within the secure execution zones, (2) data received over expansion bus 116, and/or (3) data stored to device-connected memory 110. For example, accelerator 108 may include a secure execution zone 118 for enabling a sensitive application 120 to provide host processor(s) 102 with a result 122 of (1) secretly processing sensitive data stored within secure execution zone 118, (2) secretly processing data received over expansion bus 116, and/or (3) secretly processing data stored to device-connected memory 110. In some embodiments, host processor(s) 102 may use expansion bus 116 to access results produced within secure execution zone 118 and/or provide data to be processed within secure execution zone 118.
- Host-connected
memory 104 and/or device-connectedmemory 110 may represent any type or form of memory capable of storing cacheable data. Examples of host-connectedmemory 104 and/or device-connectedmemory 110 include, without limitation, Dynamic Randomly Addressable Memory (DRAM), Static Randomly Addressable Memory (SRAM), High Bandwidth Memory (HBM), cache memory, volatile memory, non-volatile memory (e.g., Flash memory), or any other suitable form of computer memory. Memory bus 106 and/or memory bus 112 may represent any internal memory bus suitable for interfacing with host-connectedmemory 104 and/or device-connectedmemory 110. Examples of memory bus 106 and/or memory bus 112 include, without limitation, Double Data Rate (DDR) buses (e.g., Low Power DDR buses), Serial ATA (SATA) buses, Serial Attached SCSI (SAS) buses, High Bandwidth Memory (HBM) buses, Peripheral Component Interconnect Express (PCIe) buses, and the like. - Expansion bus 116 may represent any high-bandwidth and/or low-latency chip-to-chip interconnect, external bus, or expansion bus. In some embodiments, expansion bus 116 may provide connectivity (e.g., I/O, coherence, and/or memory semantics) between host processor(s) 102 and external devices or packages such as caching devices, workload accelerators (e.g., Graphics Processing Unit (GPU) devices, Field-Programmable Gate Array (FPGA) devices, Application-Specific Integrated Circuit (ASIC) devices, machine learning accelerators, tensor and vector processor units, etc.), memory expanders, and memory buffers. In some embodiments, expansion bus 116 may include a standardized interconnect (e.g., a Peripheral Component Interconnect Express (PCIe) bus), a proprietary interconnect, or some combination thereof. In at least one embodiment, expansion bus 116 may include a Compute eXpress Link (CXL) interconnect such as those illustrated in
FIGS. 2 and 3 . -
- Example system 100 in FIG. 1 may be implemented in a variety of ways. For example, all or a portion of example system 100 may represent portions of an example system 200 in FIG. 2. As shown in FIG. 2, system 200 may include a host processor 210 connected to a CXL accelerator 220 via a compute express link 230. In some embodiments, host processor 210 may be directly connected to a host memory 240 via an internal memory bus, and CXL accelerator 220 may be directly connected to a device memory 250 via an internal memory bus. In this example, the internal components of host processor 210 may communicate over compute express link 230 with the internal components of CXL accelerator 220 using one or more CXL protocols (e.g., a memory protocol 232, a caching protocol 234, and/or an I/O protocol 236) that are multiplexed by multiplexing logic.
- As shown in FIG. 2, host processor 210 may include one or more processing core(s) 216 that are capable of accessing and caching data stored to host memory 240 and device memory 250 via coherence/cache logic 214. Host processor 210 may also include an I/O device 219 that is capable of communication over compute express link 230 via PCIe logic 218. As shown in FIG. 3, in some embodiments, host processor 210 may include a root complex 310 (e.g., a PCIe-compatible root complex) that connects one or more of cores 216 to host memory 240 and device memory 250. In this example, root complex 310 may include a memory controller 312 for managing read and write operations to host memory 240, a home agent 314 for performing translations between physical, channel, and/or system memory addresses, and a coherency bridge 316 for resolving system-wide coherency for a given host address.
- As shown in FIG. 2, CXL accelerator 220 may include device logic 224 for performing memory and CXL protocol tasks. In some embodiments, device logic 224 may include one or more secure execution zones and a memory controller 322 that manages read and write operations to device memory 250 (e.g., as shown in FIG. 3). In at least one embodiment, CXL accelerator 220 may include a coherent cache 324 for caching host-managed data (e.g., data stored to host memory 240 or device memory 250).
- FIG. 4 illustrates an exemplary coherent memory space 410 having host addresses 412(1)-(Z) that have been mapped to (1) physical memory locations of host physical memory 104 and (2) physical memory locations of device physical memory 110. As shown, a memory range 413 of coherent memory space 410 may be mapped to memory locations 419(1)-(N) of host physical memory 104, a memory range 415 of coherent memory space 410 may be mapped to memory locations 422(1)-(N) of device physical memory 110 (e.g., memory region 522 in FIG. 5), and a memory range 417 of coherent memory space 410 may be mapped to memory locations 422(Z-Y)-(Z) of device physical memory 110 (e.g., memory region 524 in FIG. 5). In this example, host processors or accelerators that share access to coherent memory space 410 may read or write data to host physical memory 104 by accessing the host addresses in memory range 413. Similarly, host processors or accelerators that share access to coherent memory space 410 may read or write data to device physical memory 110 by accessing the host addresses in either of memory ranges 415 or 417. In some embodiments, host processors or accelerators that share access to coherent memory space 410 may use host addresses of coherent memory space 410 to reference and/or access the outputs of the secure execution zones disclosed herein.
- As described above, accelerator 108 may include one or more secure execution zones for secretly executing sensitive applications and/or secretly processing sensitive data within heterogeneous systems. FIG. 5 is an illustration of an exemplary configuration of accelerator 108 having a single secure execution zone 118. Secure execution zone 118 may include one or more processors (e.g., a processor 500), one or more volatile memories (e.g., a volatile memory 502), and/or one or more non-volatile memories (e.g., a read only memory 504). In some embodiments, read only memory 504 may store some or all of sensitive application 120 (e.g., as sensitive code 508 and/or sensitive data 510). Additionally or alternatively, volatile memory 502 may store some or all of sensitive application 120 (e.g., as sensitive code 512 and/or sensitive data 514). In some embodiments, volatile memory 502 may store result 122 of executing sensitive application 120 within secure execution zone 118. Volatile memory 502 may represent any type or form of memory (e.g., Static Random Access Memory (SRAM)) that loses data when shut down or after losing power. As such, sensitive code 512 and sensitive data 514 may represent code and data that processor 500 loads from read only memory 504 on a restart of accelerator 108.
- In some embodiments, volatile memory 502 and read only memory 504 may be physically accessible to processors within secure execution zone 118 (e.g., processor 500) but physically inaccessible to processors outside of secure execution zone 118 (e.g., processor 114 and/or host processor(s) 102). In some embodiments, processor 500 may have sole access to memories 502 and 504. Additionally or alternatively, processor 500 may enforce sole access to memories 502 and 504 via one or more of securing elements 600 (illustrated in FIG. 6) rather than, or in addition to, physical isolation. In some embodiments, processor 114 may provide processor 500 and/or sensitive application 120 with access to a private region 518 of device-connected memory 110 to which sensitive application 120 may securely store (e.g., using encryption) data that will be secretly processed within secure execution zone 118.
- In some embodiments, processor 500 may be configured to expose result 122 of processing sensitive application 120 to processor 114 and/or host processor(s) 102 using a hash map, a secure communication channel, a secure entry point (e.g., one or more registers accessible to both processor 500 and processor 114), and/or a memory region 516 of device-connected memory 110. In some embodiments, processor 114 may be configured to relay results of executing sensitive application 120 from processor 500 to host processor(s) 102 via an expansion-bus interface 506. Additionally or alternatively, processor 114 may be configured to relay result 122 of executing sensitive application 120 from processor 500 to device-connected memory 110 (e.g., memory region 516) and later relay result 122 from device-connected memory 110 to host processor(s) 102.
- Processor 500 may represent any physical processor configured to (1) ensure the confidentiality and/or integrity of sensitive application 120 and/or the data of sensitive application 120 before, during, and/or after execution of sensitive application 120 within secure execution zone 118 and also (2) expose result 122 of executing sensitive application 120 to processors located outside of secure execution zone 118 (e.g., host processor(s) 102 and/or processor 114). Processor 500 may ensure the confidentiality of sensitive code 508 and 512 and sensitive data 510 and 514 by preventing them from being read or otherwise exposed outside of secure execution zone 118. Processor 500 may ensure the integrity of sensitive code 508 and 512 and sensitive data 510 and 514 by preventing their modification by processors outside of secure execution zone 118 (e.g., by verifying code read from read only memory 504 before executing it, as described below). Examples of processor 500 include, without limitation, microprocessors, microcontrollers, Central Processing Units (CPUs), Digital Signal Processors (DSPs), Field-Programmable Gate Arrays (FPGAs), Application-Specific Integrated Circuits (ASICs), portions of one or more of the same, variations or combinations of one or more of the same, or any other suitable physical processor. In some embodiments, processor 500 may be Instruction Set Architecture (ISA) agnostic. Additionally or alternatively, processor 500 may be a physical processor based on a Reduced Instruction Set Computer (RISC) architecture (e.g., a RISC-V processor).
- In some embodiments, processor 500 may be uniquely configured to execute one or more sensitive applications. In one embodiment, processor 500 may represent a processor that incorporates and/or has access to specialized instructions and/or other specialized features (e.g., hash functions and/or cryptographic keys) for executing sensitive applications. In at least one embodiment, processor 500 may be specialized to ensure the confidentiality and/or integrity of only sensitive application 120. In other embodiments, processor 500 may represent a processor uniquely configured for one or more entities and specialized for executing third-party sensitive applications within the one or more entities' systems. Additionally or alternatively, processor 500 may represent a processor uniquely configured for one or more entities and specialized for executing the one or more entities' sensitive applications within third-party systems.
- In addition to and/or as an alternative to being physically isolated from external processors, some or all of the components contained in secure execution zone 118 may include one or more securing elements (e.g., securing elements 600 illustrated in FIG. 6) for ensuring the confidentiality and/or integrity of sensitive application 120 and/or its data before, during, and/or after execution and for enabling results of executing sensitive application 120 to be exposed to processors located outside of secure execution zone 118. In some embodiments, the disclosed systems may use these securing elements to establish mutual trust. Additionally or alternatively, these securing elements may collectively provide a trusted execution environment for sensitive application 120.
- As shown in FIG. 6, securing elements 600 may include one or more authentication elements 602, one or more confidentiality elements 604, one or more identification elements 606, one or more integrity elements 608, one or more measurement elements 610, one or more authorization elements 612, one or more reporting elements 614, one or more verification elements 616, one or more hash maps 618, one or more hash-map instructions 620, one or more cryptographic keys 622, and/or one or more trusted platform modules 624. Some or all of securing elements 600 may be unique to a particular sensitive application and/or secure execution zone. In some embodiments, one or more of securing elements 600 may act as a hardware- or software-based root of trust for sensitive applications executing within secure execution zone 118 and/or any external applications that interact with the sensitive applications.
- In some embodiments, authentication elements 602 may provide one or more authentication functions or services to sensitive application 120, processor 500, processor 114, and/or host processor(s) 102. For example, authentication elements 602 may include one or more authentication credentials that may be used for performing access control associated with result 122 and/or for authorizing access to result 122 for processor 114 and/or host processor(s) 102.
- In some embodiments, confidentiality elements 604 may provide one or more confidentiality functions or services to sensitive application 120, processor 500, processor 114, and/or host processor(s) 102. For example, confidentiality elements 604 may include secret keys and/or passwords for encrypting/decrypting data stored within secure execution zone 118. In at least one embodiment, processor 500 may include a secret key and/or password for decrypting data read from read only memory 504.
- In some embodiments, identification elements 606 may provide one or more identification functions or services to sensitive application 120, processor 500, processor 114, and/or host processor(s) 102. For example, identification elements 606 may include one or more secret values (e.g., a symmetric key, an asymmetric private key, an identity key, an endorsement key, etc.) for establishing the identity of sensitive application 120, processor 500, processor 114, and/or host processor(s) 102. In at least one embodiment, identification elements 606 may include a one-time programmable memory (e.g., a one-time programmable fuse) for storing keys and other cryptographic assets.
- In some embodiments, integrity elements 608 may provide one or more integrity functions or services to sensitive application 120, processor 500, processor 114, and/or host processor(s) 102. For example, integrity elements 608 may include authorization values, public keys, and/or public key certificates for performing attestation operations.
- In some embodiments, measurement elements 610 may provide one or more measurement functions or services to sensitive application 120, processor 500, processor 114, and/or host processor(s) 102. For example, measurement elements 610 may include cryptographic hash functions for calculating the hashes of code and/or data that may be used to perform integrity, verification, and/or trust-establishing operations.
- In some embodiments, authorization elements 612 may provide one or more authorization functions or services to sensitive application 120, processor 500, processor 114, and/or host processor(s) 102. For example, authorization elements 612 may include authorization tokens that may be provided by processor 114 and/or host processor(s) 102 and used by processor 500 to perform access control measures associated with result 122.
- In some embodiments, reporting elements 614 may provide one or more reporting functions or services to sensitive application 120, processor 500, processor 114, and/or host processor(s) 102. For example, reporting elements 614 may provide sensitive application 120 with platform characteristics that have been authenticated by processor 500.
- In some embodiments, verification elements 616 may provide one or more verification functions or services to sensitive application 120, processor 500, processor 114, and/or host processor(s) 102. For example, verification elements 616 may enable sensitive application 120, processor 500, processor 114, and/or host processor(s) 102 to verify the integrity and/or authenticity of code, data, and/or public keys. In some embodiments, verification elements 616 may be used to perform verification checks on code read from read only memory 504 before the code is executed by processor 500. For example, verification elements 616 may include a read only memory bootloader stored to read only memory 504 that may be used to verify a signature of the next bootloader or software image in a chain of trust before passing control of processor 500 to the next bootloader or software image.
- In some embodiments, hash maps 618 may map hashes (e.g., access tokens) to results of executing sensitive application 120 (e.g., result 122). In some embodiments, processor 500 may use hash maps 618 to expose the results outside of secure execution zone 118 and/or to control access to the results. In at least one embodiment, hash-map instructions 620 may include specialized instructions for accessing and/or initiating hash maps 618.
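The restart-time chain of trust described above for read only memory 504, volatile memory 502, measurement elements 610 and verification elements 616, as an added example that is not part of the patent's text or of any implementation it describes: a Python model in which processor 500, on restart, checks each boot stage before loading it into volatile memory and handing it control. The page describes the ROM bootloader verifying a signature on the next image; to run with the standard library alone, this example substitutes a hash-pinned chain of trust: the digest of the ROM bootloader is the root value burned into read only memory, every stage's header carries the SHA-256 digest of the stage that follows it, and a measurement register is extended with each stage presented (in the style of a TPM PCR extend, as measurement elements 610 would do) so that the final value can be reported. The image layout, `BootStage`, `BootReport`, `secure_boot` and the constructed three-stage chain are assumptions of this example, not the patent's.

```python
import hashlib
from dataclasses import dataclass, field
from typing import List, Optional

# Constructed image format (an assumption of this example, not the patent's):
# a stage is a 32-byte header holding the SHA-256 digest of the NEXT stage's
# image (all zeros for the last stage) followed by the stage's code.
DIGEST_LEN = 32
FINAL_STAGE = b"\x00" * DIGEST_LEN


@dataclass
class BootStage:
    name: str
    next_digest: bytes   # pinned digest of the stage that follows this one
    payload: bytes       # the code that runs once this stage is verified

    def image(self) -> bytes:
        return self.next_digest + self.payload


def digest(image: bytes) -> bytes:
    return hashlib.sha256(image).digest()


def extend(register: bytes, measurement: bytes) -> bytes:
    """TPM-PCR-style extend: new = H(old || measurement). The final value
    therefore depends on every stage presented and on their order."""
    return hashlib.sha256(register + measurement).digest()


def build_chain(payloads: List[bytes]) -> List[BootStage]:
    """Link stages back to front so each header pins the digest of the next
    stage's full image. stages[0] is the ROM bootloader; its digest is the
    value that gets burned into read only memory as the root of the chain."""
    stages: List[BootStage] = []
    nxt = FINAL_STAGE
    for i, payload in reversed(list(enumerate(payloads))):
        stage = BootStage(f"stage{i}", nxt, payload)
        stages.insert(0, stage)
        nxt = digest(stage.image())
    return stages


@dataclass
class BootReport:
    booted: List[str] = field(default_factory=list)   # stages given control
    measurement: bytes = b"\x00" * DIGEST_LEN          # register after boot
    failed_at: Optional[str] = None                    # first rejected stage


def secure_boot(rom_digest: bytes, images: List[bytes]) -> BootReport:
    """Model of processor 500 restarting. Each image is measured, then checked
    against the digest its predecessor pinned (the first against the ROM value)
    before it is 'loaded into volatile memory' and given control. A mismatch
    stops the chain: nothing after the failing stage ever executes."""
    report = BootReport()
    expected = rom_digest
    for i, image in enumerate(images):
        if expected == FINAL_STAGE or len(image) < DIGEST_LEN:
            report.failed_at = f"stage{i}"   # chain ended, or image malformed
            return report
        measured = digest(image)
        # measure-then-verify: the register records what was presented even if
        # it is rejected, so an attestation report reveals the attempt
        report.measurement = extend(report.measurement, measured)
        if measured != expected:
            report.failed_at = f"stage{i}"   # the signature-check equivalent
            return report
        report.booted.append(f"stage{i}")
        expected = image[:DIGEST_LEN]        # this stage pins the next one
    if expected != FINAL_STAGE:
        report.failed_at = f"stage{len(images)}"   # chain pins a missing stage
    return report


# Constructed chain: ROM bootloader -> second-stage loader -> sensitive application 120
GOOD_STAGES = build_chain([b"rom-bootloader", b"second-stage", b"sensitive-app-120"])
ROM_PINNED_DIGEST = digest(GOOD_STAGES[0].image())
GOOD_IMAGES = [s.image() for s in GOOD_STAGES]


def good_boot() -> BootReport:
    return secure_boot(ROM_PINNED_DIGEST, GOOD_IMAGES)


def tampered_boot() -> BootReport:
    """One byte of the application image changed: its digest no longer matches
    the value the second stage pinned, so it is measured but never run."""
    app = GOOD_IMAGES[2]
    bad_app = app[:-1] + bytes([app[-1] ^ 0x01])
    return secure_boot(ROM_PINNED_DIGEST, GOOD_IMAGES[:2] + [bad_app])
```

A production design pins the hash of a verifying public key in ROM and checks a signature over each image with it, which allows images to be updated without reburning the ROM; the control-flow property is the same as here: a stage whose check fails is measured but never loaded or executed, a truncated chain is also reported as a failure, and in either case the measurement register ends up different from the known-good value, so a verifier that asks for an attestation report can tell.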
- FIG. 7 is a flow diagram of an exemplary computer-implemented method 700 for executing a sensitive application within an accelerator-based secure execution zone and then providing a result to an external processor. The steps shown in FIG. 7 may be performed by any suitable computer-executable code and/or computing system, including the system(s) illustrated in FIGS. 1, 2, 3, and 5. In one example, each of the steps shown in FIG. 7 may represent an algorithm whose structure includes and/or is represented by multiple sub-steps, examples of which will be provided in greater detail below.
- As illustrated in FIG. 7, at step 710 a first internal physical processor of one of the accelerators described herein may receive, from an external processor, a request to access a result of executing a sensitive application within a secure execution zone. For example, processor 114 may receive, from host processor(s) 102 via expansion bus 116, a request to access result 122 of executing sensitive application 120 within secure execution zone 118. In some embodiments, a request to access a result of executing a sensitive application within a secure execution zone may include an address (e.g., a host address in coherent memory space 410) or another identifier (e.g., a hash) mapped to the result and/or to a location where the result can be accessed (e.g., as shown in FIG. 8). Additionally or alternatively, a request may include data to be processed by a sensitive application executing within a secure execution zone (e.g., as shown in FIG. 9). In such embodiments, processor 114 may relay the data to secure execution zone 118.
- At step 720, a second internal physical processor within the secure execution zone may execute the sensitive application to generate the result. For example, processor 500 of secure execution zone 118 may execute sensitive code 508 and/or 512 within secure execution zone 118 to generate result 122. Then, at step 730, the second internal physical processor may make the result accessible outside of the secure execution zone. For example, processor 500 of secure execution zone 118 may make result 122 accessible to processor 114 and/or host processor(s) 102 located outside of secure execution zone 118. Finally, at step 740, the first internal physical processor may relay the result to the external processor. For example, processor 114 may relay result 122 to host processor(s) 102 via expansion bus 116.
- FIG. 8 is a diagram of an exemplary data flow that may occur when the disclosed systems execute a sensitive application within an accelerator-based secure execution zone and then provide a result to an external requester. In this example, a requester 802 (e.g., a host processor, core, or thread) may transmit a request 804 to accelerator 108 for a result 810 of executing a sensitive application within secure execution zone 118. Result 810 may be a result of processing data 808 within secure execution zone 118. In this example, processor 114 may have facilitated access to data 808. As shown, request 804 may include an address 806 that may be used to access result 810. In some examples, processor 114 may use address 806 to request result 810 from processor 500. In other examples, address 806 may be mapped to a physical address within memory 110. In such examples, processor 500 may write result 810 to the physical address, and processor 114 may translate address 806 to identify the physical location before retrieving result 810 from memory 110. After retrieving result 810 from either secure execution zone 118 or memory 110, processor 114 may then relay result 810 to requester 802 via a response 812, as shown.
- FIG. 9 is a diagram of an exemplary data flow that may occur when the disclosed systems process data received from an external processor using a sensitive application hosted within an accelerator-based secure execution zone and then provide a result to the external requester. In this example, a requester 902 (e.g., a host processor, core, or thread) may transmit a request 904 to accelerator 108 for a result 908 of processing data 906 within secure execution zone 118 using a sensitive application. In some embodiments, processor 114 may relay data 906 directly to processor 500 in secure execution zone 118. In other embodiments, processor 114 may store data 906 to memory 110 for later retrieval by processor 500 from within secure execution zone 118. In such embodiments, processor 114 may facilitate access to data 906. In some embodiments, processor 500 may, after producing result 908 from data 906, provide result 908 to processor 114 for transmission to requester 902. In other embodiments, processor 500 may write result 908 to a physical address within memory 110 from which processor 114 may retrieve result 908. After retrieving result 908 from either secure execution zone 118 or memory 110, processor 114 may then relay result 908 to requester 902 via a response 910, as shown.
- As explained above, embodiments of the present disclosure may protect the integrity and confidentiality of a sensitive application and its sensitive data while also enabling remote processors to access results of executing the sensitive application. Additionally, the disclosed accelerator-based secure execution zones may enable a third party's sensitive application to be executed within a partner's system in a way that prevents the partner from discovering how the sensitive application operates, which may enable partners to share intellectual property, trade secrets, proprietary algorithms, machine-learning models, and the like.
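The data flows of FIGS. 8 and 9, together with the address mapping of FIG. 4 and the hash map 618 exposure path, as an added example that is not the patent's own code: a Python model of accelerator 108 in which processor 114 (`DeviceLogic`) fields host requests, processor 500 (`SecureExecutionZone`) performs the secret processing and exposes the result either by writing it to a physical address of device-connected memory 110 that the host named through coherent memory space 410 or by handing back a single-use access token into hash map 618, and private region 518 rejects any access that does not come from processor 500. The address layout and sizes, the placement of private region 518 under memory range 417, the request dictionary keys, the status strings and the use of HMAC-SHA256 as a stand-in for sensitive application 120 are all assumptions of this example.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from typing import Dict, List, Tuple

RESULT_LEN = 32                       # HMAC-SHA256 output is the "result" here
PRIVATE_REGION_518 = (0xC00, 0x400)   # assumed placement inside 4 KiB device memory


@dataclass(frozen=True)
class MappedRange:
    host_base: int
    size: int
    memory: str     # "host" (memory 104) or "device" (memory 110)
    phys_base: int
    region: str     # label from FIG. 4: "413", "415" or "417"


class CoherentMemorySpace:
    """Coherent memory space 410: host address -> (memory, physical address)."""
    def __init__(self) -> None:
        self.ranges: List[MappedRange] = []

    def map_range(self, r: MappedRange) -> None:
        for o in self.ranges:   # two host ranges must never alias each other
            if r.host_base < o.host_base + o.size and o.host_base < r.host_base + r.size:
                raise ValueError(f"range {r.region} overlaps range {o.region}")
        self.ranges.append(r)

    def translate(self, host_addr: int) -> Tuple[str, int]:
        for r in self.ranges:
            if r.host_base <= host_addr < r.host_base + r.size:
                return r.memory, r.phys_base + (host_addr - r.host_base)
        raise KeyError(host_addr)


class DeviceMemory:
    """Device-connected memory 110; only processor 500 may touch region 518."""
    def __init__(self, size: int, private: Tuple[int, int]) -> None:
        self.buf, self.private = bytearray(size), private

    def _check(self, caller: str, addr: int, n: int) -> None:
        base, size = self.private
        if caller != "processor500" and addr < base + size and base < addr + n:
            raise PermissionError(f"{caller} may not access private region 518")

    def write(self, caller: str, addr: int, data: bytes) -> None:
        self._check(caller, addr, len(data))
        self.buf[addr:addr + len(data)] = data

    def read(self, caller: str, addr: int, n: int) -> bytes:
        self._check(caller, addr, n)
        return bytes(self.buf[addr:addr + n])


class SecureExecutionZone:
    """Processor 500 running sensitive application 120; the key never leaves."""
    def __init__(self, dev_mem: DeviceMemory, key: bytes) -> None:
        self.dev_mem, self._key = dev_mem, key
        self.hash_map: Dict[str, bytes] = {}   # hash map 618: access token -> result

    def run(self, data: bytes) -> bytes:
        # stand-in for secret processing: a keyed digest the host cannot forge
        return hmac.new(self._key, data, hashlib.sha256).digest()

    def expose_by_token(self, result: bytes) -> str:
        token = secrets.token_hex(16)          # unguessable, single-use token
        self.hash_map[token] = result
        return token

    def expose_at(self, phys: int, result: bytes) -> None:
        self.dev_mem.write("processor500", phys, result)


class DeviceLogic:
    """Processor 114: relays host requests in and results out (FIGS. 8 and 9)."""
    def __init__(self, space: CoherentMemorySpace, dev_mem: DeviceMemory,
                 sez: SecureExecutionZone) -> None:
        self.space, self.dev_mem, self.sez = space, dev_mem, sez

    def handle(self, request: dict) -> dict:
        try:
            if "data" in request:                                     # FIG. 9
                result = self.sez.run(request["data"])
                if "host_address" not in request:
                    return {"status": "ok", "token": self.sez.expose_by_token(result)}
                memory, phys = self.space.translate(request["host_address"])
                if memory != "device":
                    return {"status": "denied"}     # zone writes only device memory 110
                self.sez.expose_at(phys, result)    # processor 500 writes the physical address
            if "token" in request:                                    # hash-map lookup
                result = self.sez.hash_map.pop(request["token"], None)
                return {"status": "ok", "result": result} if result else {"status": "denied"}
            if "host_address" not in request:
                return {"status": "bad-request"}
            memory, phys = self.space.translate(request["host_address"])  # FIG. 8
            if memory != "device":
                return {"status": "denied"}
            return {"status": "ok", "result": self.dev_mem.read("processor114", phys, RESULT_LEN)}
        except KeyError:
            return {"status": "unmapped"}
        except PermissionError:
            return {"status": "denied"}         # host may not read region 518


def build_accelerator() -> DeviceLogic:
    """Constructed FIG. 4 layout: range 413 -> host memory, 415 and 417 -> device memory."""
    space = CoherentMemorySpace()
    space.map_range(MappedRange(0x0000, 0x1000, "host", 0x000, "413"))
    space.map_range(MappedRange(0x1000, 0x0C00, "device", 0x000, "415"))
    space.map_range(MappedRange(0x1C00, 0x0400, "device", 0xC00, "417"))  # region 518 here
    dev_mem = DeviceMemory(0x1000, PRIVATE_REGION_518)
    return DeviceLogic(space, dev_mem, SecureExecutionZone(dev_mem, secrets.token_bytes(32)))
```

Two properties of this model are the ones a reviewer of such a design would want to see: a host that asks for its result to be placed in private region 518 gets `denied` from processor 114 even though processor 500 did write it there, because the relay path runs under processor 114's own access rights rather than processor 500's; and a token is removed from hash map 618 on its first lookup, so a token captured from one response cannot be replayed by another requester.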
- Example 1: An accelerator including (1) an expansion-bus interface, (2) one or more internal physical processors adapted to communicate with an external processor via the expansion-bus interface, and (3) a secure execution zone having (a) at least one additional internal physical processor adapted to execute a sensitive application within the secure execution zone and make a result of executing the sensitive application accessible to the external processor via the expansion-bus interface and (b) physical memory storing the sensitive application. The physical memory may be accessible to the additional internal physical processor and inaccessible to the external processor and the one or more internal physical processors.
- Example 2: The accelerator of Example 1, wherein (1) the physical memory is volatile memory, (2) the secure execution zone further includes read only memory, (3) the read only memory stores executable instructions of the sensitive application, and (4) the additional internal physical processor is further adapted to load the executable instructions of the sensitive application into the volatile memory as part of a secure boot procedure.
- Example 3: The accelerator of any of Examples 1 and 2, wherein the read only memory further stores one or more securing elements necessary for making the result accessible to the external processor.
- Example 4: The accelerator of any of Examples 1-3, wherein (1) the one or more securing elements include a hashing function for generating a hash map, and (2) the result is made accessible to the external processor via the hash map.
- Example 5: The accelerator of any of Examples 1-4, wherein the additional internal physical processor includes at least one securing element, that is necessary for accessing the executable instructions of the sensitive application stored to the read only memory, that differs from elements of one or more of the external processor and the one or more internal physical processors.
- Example 6: The accelerator of any of Examples 1-5, wherein the read only memory further includes a secure bootloader for loading the sensitive application from the read only memory into the volatile memory.
- Example 7: The accelerator of any of Examples 1-6, wherein the additional internal physical processor is further adapted to act as a root of trust in a secure boot procedure.
- Example 8: The accelerator of any of Examples 1-7, wherein the additional internal physical processor is further adapted to establish trust between the sensitive application and the additional internal physical processor.
- Example 9: The accelerator of any of Examples 1-8, wherein the additional internal physical processor is further adapted to establish trust between the sensitive application and one or more of the external processor and the one or more internal physical processors.
- Example 10: The accelerator of any of Examples 1-9, wherein the additional internal physical processor is further adapted to (1) receive, from the one or more internal physical processors via a secure communication channel, a request to access the result and (2) transmit, in response to the request, the result to the one or more internal physical processors over the secure communication channel.
- Example 11: The accelerator of any of Examples 1-10, wherein the one or more internal physical processors are further adapted to (1) receive, from the external processor via the expansion-bus interface, a request to access the result and (2) transmit, in response to the request, the result to the external processor via the expansion-bus interface.
- Example 12: The accelerator of any of Examples 1-11, wherein (1) the expansion-bus interface is adapted to connect to a cache-coherent interconnect, (2) the accelerator further includes additional physical memory accessible to the external processor via the cache-coherent interconnect, addresses of the additional physical memory being mapped to a coherent memory space of the external processor, (3) the additional internal physical processor is adapted to make the result of executing the sensitive application accessible to the external processor by writing the result to a physical address of the additional physical memory accessible to the external processor, and (4) the one or more internal physical processors are further adapted to (a) receive, via the cache-coherent interconnect, a request to access a host address of the coherent memory space corresponding to the physical address and (b) respond to the request by accessing the result from the physical address of the additional physical memory corresponding to the host address.
- Example 13: The accelerator of any of Examples 1-12, wherein the additional internal physical processor is adapted to write the result to the physical address of the additional physical memory by transmitting, to the one or more internal physical processors, a request to write the result to the host address of the coherent memory space corresponding to the physical address.
- Example 14: A computer-implemented method including (1) receiving, by a first internal physical processor of an accelerator from an external processor, a request to access a result of executing a sensitive application within a secure execution zone of the accelerator having a second internal physical processor and physical memory storing the sensitive application, (2) executing, by the second internal physical processor within the secure execution zone of the accelerator, the sensitive application from the physical memory to generate the result, (3) making, by the second internal physical processor, the result accessible outside of the secure execution zone, and (4) relaying, by the first internal physical processor, the result to the external processor. The physical memory may be accessible to the second internal physical processor and inaccessible to the first internal physical processor and the external processor.
- Example 15: A storage accelerator including (1) a device-attached physical memory accessible to an external host processor via a cache-coherent interconnect, wherein addresses of the device-attached physical memory are mapped to a coherent memory space of the external host processor, (2) one or more internal physical processors adapted to (a) receive, via the cache-coherent interconnect, a request to access a host address of the coherent memory space and (b) respond to the request by accessing a physical address of the device-attached physical memory corresponding to the host address, and (3) a secure execution zone having at least one additional internal physical processor adapted to execute a sensitive application within the secure execution zone and make a result of executing the sensitive application within the secure execution zone accessible to the external host processor via the cache-coherent interconnect.
- Example 16: The storage accelerator of Example 15, wherein (1) the one or more internal physical processors are further adapted to provision a private region of the coherent memory space of the external host processor for use by the additional internal physical processor, and (2) the additional internal physical processor is further adapted to provide the sensitive application with access to the private region of the coherent memory space of the external host processor.
- Example 17: The storage accelerator of any of Examples 15 and 16, wherein the secure execution zone further includes additional physical memory storing the sensitive application and sensitive data necessary in producing the result, the additional physical memory being accessible to the additional internal physical processor and inaccessible to the external host processor and the one or more internal physical processors.
- Example 18: The storage accelerator of any of Examples 15-17, wherein (1) the additional physical memory is volatile memory, (2) the secure execution zone further includes read only memory, (3) the read only memory stores executable instructions of the sensitive application, and (4) the additional internal physical processor is further adapted to load the executable instructions of the sensitive application into the volatile memory as part of a secure boot procedure.
- Example 19: The storage accelerator of any of Examples 15-18, wherein the read only memory further stores one or more securing elements necessary for making the result accessible to the external host processor.
- Example 20: The storage accelerator of any of Examples 15-19, wherein the one or more securing elements include a hashing function for generating a hash map, and the result is made accessible to the external host processor by the hash map.
- As detailed above, the computing devices and systems described and/or illustrated herein broadly represent any type or form of computing device or system capable of executing computer-readable instructions, such as those contained within the modules described herein. In their most basic configuration, these computing device(s) may each include at least one memory device and at least one physical processor.
- In some examples, the term “memory device” generally refers to any type or form of volatile or non-volatile storage device or medium capable of storing data and/or computer-readable instructions. In one example, a memory device may store, load, and/or maintain one or more of the modules described herein. Examples of memory devices include, without limitation, Random Access Memory (RAM), Read-Only Memory (ROM), flash memory, Hard Disk Drives (HDDs), Solid-State Drives (SSDs), optical disk drives, caches, variations or combinations of one or more of the same, or any other suitable storage memory.
- In some examples, the term “physical processor” generally refers to any type or form of hardware-implemented processing unit capable of interpreting and/or executing computer-readable instructions. In one example, a physical processor may access and/or modify one or more modules stored in the above-described memory device. Examples of physical processors include, without limitation, microprocessors, microcontrollers, Central Processing Units (CPUs), Field-Programmable Gate Arrays (FPGAs) that implement softcore processors, Application-Specific Integrated Circuits (ASICs), portions of one or more of the same, variations or combinations of one or more of the same, or any other suitable physical processor.
- Although illustrated as separate elements, the modules described and/or illustrated herein may represent portions of a single module or application. In addition, in certain embodiments one or more of these modules may represent one or more software applications or programs that, when executed by a computing device, may cause the computing device to perform one or more tasks. For example, one or more of the modules described and/or illustrated herein may represent modules stored and configured to run on one or more of the computing devices or systems described and/or illustrated herein. One or more of these modules may also represent all or portions of one or more special-purpose computers configured to perform one or more tasks.
- In addition, one or more of the modules described herein may transform data, physical devices, and/or representations of physical devices from one form to another. For example, one or more of the modules recited herein may receive data to be transformed over a cache-coherent interconnect, process the data within an accelerator-based secure execution zone whose memory is out of reach of the external host processor and of the accelerator's other internal processors, output a result of the processing to device-attached memory, and use that result to respond to future read requests for it. Additionally or alternatively, one or more of the modules recited herein may transform a processor, volatile memory, non-volatile memory, and/or any other portion of a physical computing device from one form to another by executing on the computing device, storing data on the computing device, and/or otherwise interacting with the computing device.
- In some embodiments, the term “computer-readable medium” generally refers to any form of a device, carrier, or medium capable of storing or carrying computer-readable instructions. Examples of computer-readable media include, without limitation, transmission-type media, such as carrier waves, and non-transitory-type media, such as magnetic-storage media (e.g., hard disk drives, tape drives, and floppy disks), optical-storage media (e.g., Compact Disks (CDs), Digital Video Disks (DVDs), and BLU-RAY disks), electronic-storage media (e.g., solid-state drives and flash media), and other distribution systems.
- The process parameters and sequence of the steps described and/or illustrated herein are given by way of example only and can be varied as desired. For example, while the steps illustrated and/or described herein may be shown or discussed in a particular order, these steps do not necessarily need to be performed in the order illustrated or discussed. The various exemplary methods described and/or illustrated herein may also omit one or more of the steps described or illustrated herein or include additional steps in addition to those disclosed.
- The preceding description has been provided to enable others skilled in the art to best utilize various aspects of the exemplary embodiments disclosed herein. This exemplary description is not intended to be exhaustive or to be limited to any precise form disclosed. Many modifications and variations are possible without departing from the spirit and scope of the present disclosure. The embodiments disclosed herein should be considered in all respects illustrative and not restrictive. Reference should be made to the appended claims and their equivalents in determining the scope of the present disclosure.
- Unless otherwise noted, the terms “connected to” and “coupled to” (and their derivatives), as used in the specification and claims, are to be construed as permitting both direct and indirect (i.e., via other elements or components) connection. In addition, the terms “a” or “an,” as used in the specification and claims, are to be construed as meaning “at least one of.” Finally, for ease of use, the terms “including” and “having” (and their derivatives), as used in the specification and claims, are interchangeable with and have the same meaning as the word “comprising.”
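- The accelerator of Examples 15-20, and the data flow of the paragraph on transforming data over the cache-coherent interconnect, modelled as an added example in C. This is not the patent's own code: the memory layout and sizes, the host base address, the use of FNV-1a as a stand-in for the hashing function, the reading of Example 20's hash map as a published value plus its digest, and every function and type name are assumptions made for illustration. The model keeps the three boundaries the examples draw: host accesses are translated into the mapped window and bounds-checked, the provisioned private region is refused to the host path, and the zone boots only an image whose digest matches the one held in its ROM.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* Model of the storage accelerator of Examples 15-20 (added example, not the
 * patent's own code). Sizes, offsets and names below are assumptions. */
#define DEV_MEM_BYTES  4096u        /* device-attached physical memory              */
#define HOST_BASE      0x10000000u  /* host address at which that memory is mapped  */
#define RESULT_OFF     2048u        /* host-readable slot the zone publishes into   */
#define PRIVATE_OFF    3072u        /* private region (Example 16): last 1 KiB      */
#define ZONE_RAM_BYTES 64u          /* zone's own volatile memory (Examples 17-18)  */
#define ROM_IMAGE_LEN  8u

enum { ACC_OK = 0, ACC_UNMAPPED = -1, ACC_DENIED = -2, ACC_NOT_BOOTED = -3, ACC_BAD_DIGEST = -4 };

struct rom {                        /* zone's read only memory (Examples 18-19)     */
    uint8_t  image[ROM_IMAGE_LEN];  /* executable instructions of the sensitive app */
    uint64_t image_digest;          /* securing element: expected digest of image   */
};
struct zone {
    uint8_t  ram[ZONE_RAM_BYTES];   /* volatile memory filled at secure boot        */
    uint32_t secret;                /* sensitive data the host must never see       */
    int      booted;
};
struct accelerator {
    uint8_t     dev_mem[DEV_MEM_BYTES];
    int         private_provisioned;
    struct zone z;
};
struct published_result {           /* what the host reads back (Example 20)        */
    uint32_t value;
    uint64_t digest;                /* hash of value, checked by the host on read   */
};

/* FNV-1a 64 stands in for the hashing function. It is not cryptographic; a real
 * zone would use SHA-256 or, better, a keyed MAC (see the note below). */
uint64_t hash64(const void *p, size_t n)
{
    const uint8_t *b = (const uint8_t *)p;
    uint64_t h = 0xcbf29ce484222325ull;
    for (size_t i = 0; i < n; i++) { h ^= b[i]; h *= 0x100000001b3ull; }
    return h;
}

/* Factory step: burn a constructed image and its digest into ROM. */
void rom_provision(struct rom *r)
{
    static const uint8_t img[ROM_IMAGE_LEN] = {1, 2, 3, 4, 5, 6, 7, 8};
    memcpy(r->image, img, ROM_IMAGE_LEN);
    r->image_digest = hash64(r->image, ROM_IMAGE_LEN);
}

/* Example 15: host address -> device physical address. Reject anything outside
 * the mapped window, including ranges that start inside it and run past its end. */
int translate(uint32_t host_addr, size_t len, size_t *dev_paddr)
{
    if (host_addr < HOST_BASE) return ACC_UNMAPPED;
    uint64_t off = (uint64_t)host_addr - HOST_BASE;
    if (off + len > DEV_MEM_BYTES) return ACC_UNMAPPED;
    *dev_paddr = (size_t)off;
    return ACC_OK;
}

/* Example 16: once provisioned, the private region is refused to the host path. */
void provision_private_region(struct accelerator *a) { a->private_provisioned = 1; }

static int host_access(struct accelerator *a, uint32_t host_addr, size_t len, size_t *p)
{
    int rc = translate(host_addr, len, p);
    if (rc != ACC_OK) return rc;
    return (a->private_provisioned && *p + len > PRIVATE_OFF) ? ACC_DENIED : ACC_OK;
}
int host_read(struct accelerator *a, uint32_t host_addr, void *dst, size_t len)
{
    size_t p; int rc = host_access(a, host_addr, len, &p);
    if (rc == ACC_OK) memcpy(dst, &a->dev_mem[p], len);
    return rc;
}
int host_write(struct accelerator *a, uint32_t host_addr, const void *src, size_t len)
{
    size_t p; int rc = host_access(a, host_addr, len, &p);
    if (rc == ACC_OK) memcpy(&a->dev_mem[p], src, len);
    return rc;
}

/* Examples 18-19: secure boot copies the image into zone RAM only if it matches
 * the digest held in ROM; a modified image never runs. */
int zone_secure_boot(struct zone *z, const struct rom *r, uint32_t secret)
{
    if (hash64(r->image, ROM_IMAGE_LEN) != r->image_digest) return ACC_BAD_DIGEST;
    memcpy(z->ram, r->image, ROM_IMAGE_LEN);
    z->secret = secret;
    z->booted = 1;
    return ACC_OK;
}

/* The sensitive application: a keyed checksum over the host's input using the
 * zone's secret (constructed stand-in for the real workload). */
uint32_t sensitive_app(const struct zone *z, const uint8_t *in, size_t n)
{
    uint32_t acc = z->secret;
    for (size_t i = 0; i < n; i++) acc = (acc ^ in[i]) * 16777619u;
    return acc;
}

/* Examples 15 and 20: the zone's processor reads the input the host placed in the
 * coherent window, computes inside the zone, and publishes value plus digest. */
int zone_run(struct accelerator *a, uint32_t in_host_addr, size_t in_len)
{
    size_t p; struct published_result out = {0, 0};
    if (!a->z.booted) return ACC_NOT_BOOTED;
    int rc = translate(in_host_addr, in_len, &p);
    if (rc != ACC_OK) return rc;
    out.value  = sensitive_app(&a->z, &a->dev_mem[p], in_len);
    out.digest = hash64(&out.value, sizeof out.value);
    memcpy(&a->dev_mem[RESULT_OFF], &out, sizeof out);  /* zone writes the slot directly */
    return ACC_OK;
}

/* Host side: read the slot through the normal path and verify the digest. */
int host_fetch_result(struct accelerator *a, uint32_t *value)
{
    struct published_result r;
    int rc = host_read(a, HOST_BASE + RESULT_OFF, &r, sizeof r);
    if (rc != ACC_OK) return rc;
    if (hash64(&r.value, sizeof r.value) != r.digest) return ACC_BAD_DIGEST;
    *value = r.value;
    return ACC_OK;
}
```

Two caveats a practitioner would check before trusting such a design. First, the digest in the result slot lets the host detect corruption in transit, but it does not bind the result to the zone: the slot sits in host-writable memory, so anything that can write it can also write a matching digest. Binding the result to the zone requires a keyed MAC or a signature under a key that lives only in zone memory, with the host holding the verification key. Second, the private-region check here is a single range comparison in the internal processor's access path; on real hardware that check must also cover DMA and any other masters that can reach the device-attached memory, or the region is private in name only.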
Claims (20)
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US17/313,873 US20220358208A1 (en) | 2021-05-06 | 2021-05-06 | Systems and methods for enabling accelerator-based secure execution zones |
PCT/US2022/028046 WO2022236037A1 (en) | 2021-05-06 | 2022-05-06 | Systems and methods for enabling accelerator-based secure execution zones |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US17/313,873 US20220358208A1 (en) | 2021-05-06 | 2021-05-06 | Systems and methods for enabling accelerator-based secure execution zones |
Publications (1)
Publication Number | Publication Date |
---|---|
US20220358208A1 true US20220358208A1 (en) | 2022-11-10 |
Family
ID=81927965
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US17/313,873 Abandoned US20220358208A1 (en) | 2021-05-06 | 2021-05-06 | Systems and methods for enabling accelerator-based secure execution zones |
Country Status (2)
Country | Link |
---|---|
US (1) | US20220358208A1 (en) |
WO (1) | WO2022236037A1 (en) |
Citations (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20050086419A1 (en) * | 2003-08-29 | 2005-04-21 | Rhyan Neble | Flash memory distribution of digital content |
US8543838B1 (en) * | 2009-12-23 | 2013-09-24 | Marvell International Ltd. | Cryptographic module with secure processor |
US8645716B1 (en) * | 2010-10-08 | 2014-02-04 | Marvell International Ltd. | Method and apparatus for overwriting an encryption key of a media drive |
US20180181758A1 (en) * | 2016-12-28 | 2018-06-28 | Intel Corporation | Firmware Loading for Exploit Resistance |
US20190171505A1 (en) * | 2017-12-03 | 2019-06-06 | Intel Corporation | Management controller-based solution for processor ras in smi-free environment |
US20190296905A1 (en) * | 2016-09-23 | 2019-09-26 | Apple Inc. | Cryptographic entropy tree |
US20210117130A1 (en) * | 2009-10-30 | 2021-04-22 | Iii Holdings 2, Llc | Memcached Server Functionality in a Cluster of Data Processing Nodes |
US20220067221A1 (en) * | 2020-09-03 | 2022-03-03 | Pensando Systems Inc. | Method and system for implementing security operations in an input/output device |
US20220114023A1 (en) * | 2021-12-23 | 2022-04-14 | Intel Corporation | Infrastructure as code deployment mechanism |
US20220214902A1 (en) * | 2021-01-06 | 2022-07-07 | Baidu Usa Llc | Method for virtual machine migration with checkpoint authentication in virtualization environment |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11755500B2 (en) * | 2020-12-26 | 2023-09-12 | Intel Corporation | Cryptographic computing with disaggregated memory |
- 2021-05-06: US US17/313,873 patent/US20220358208A1/en, status: not active (Abandoned)
- 2022-05-06: WO PCT/US2022/028046 patent/WO2022236037A1/en, status: active (Application Filing)
Patent Citations (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20050086419A1 (en) * | 2003-08-29 | 2005-04-21 | Rhyan Neble | Flash memory distribution of digital content |
US20210117130A1 (en) * | 2009-10-30 | 2021-04-22 | Iii Holdings 2, Llc | Memcached Server Functionality in a Cluster of Data Processing Nodes |
US8543838B1 (en) * | 2009-12-23 | 2013-09-24 | Marvell International Ltd. | Cryptographic module with secure processor |
US8645716B1 (en) * | 2010-10-08 | 2014-02-04 | Marvell International Ltd. | Method and apparatus for overwriting an encryption key of a media drive |
US20190296905A1 (en) * | 2016-09-23 | 2019-09-26 | Apple Inc. | Cryptographic entropy tree |
US20180181758A1 (en) * | 2016-12-28 | 2018-06-28 | Intel Corporation | Firmware Loading for Exploit Resistance |
US20190171505A1 (en) * | 2017-12-03 | 2019-06-06 | Intel Corporation | Management controller-based solution for processor ras in smi-free environment |
US20220067221A1 (en) * | 2020-09-03 | 2022-03-03 | Pensando Systems Inc. | Method and system for implementing security operations in an input/output device |
US20220214902A1 (en) * | 2021-01-06 | 2022-07-07 | Baidu Usa Llc | Method for virtual machine migration with checkpoint authentication in virtualization environment |
US20220114023A1 (en) * | 2021-12-23 | 2022-04-14 | Intel Corporation | Infrastructure as code deployment mechanism |
Also Published As
Publication number | Publication date |
---|---|
WO2022236037A1 (en) | 2022-11-10 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11088846B2 (en) | Key rotating trees with split counters for efficient hardware replay protection | |
US11374967B2 (en) | Systems and methods for detecting replay attacks on security space | |
US10097349B2 (en) | Systems and methods for protecting symmetric encryption keys | |
KR101378639B1 (en) | Security protection for memory content of processor main memory | |
US7836299B2 (en) | Virtualization of software configuration registers of the TPM cryptographic processor | |
US10990687B2 (en) | System and method for user managed encryption recovery using blockchain for data at rest | |
US20160072628A1 (en) | Systems and methods for managing cryptographic keys in a secure microcontroller | |
WO2020233623A1 (en) | Receipt storage method and node combining transaction type and judgment condition | |
WO2020233626A1 (en) | Receipt storage method and node in combination with conditional limitation of transaction and user types | |
US10372628B2 (en) | Cross-domain security in cryptographically partitioned cloud | |
WO2020233635A1 (en) | Receipt storage method combining conditional restrictions of multiple types of dimensions and node | |
WO2020233619A1 (en) | Receipt storage method and node in combination with user type and transaction type | |
WO2020233624A1 (en) | Receipt storage method and node employing transaction type in combination with event function type | |
WO2020233627A1 (en) | Receipt storage method and node based on multiple types of dimensions | |
JP7406013B2 (en) | Securely sign configuration settings | |
WO2020233634A1 (en) | Method and node for receipt storage combining transaction and event type condition restrictions | |
JP2022512051A (en) | Integrity tree for memory integrity check | |
WO2021057273A1 (en) | Method and apparatus for realizing efficient contract calling on fpga | |
US20220129566A1 (en) | Secure application execution in a data processing system | |
Gundu et al. | A case for near data security | |
WO2021057272A1 (en) | Method and apparatus for implementing contract invoking based on fpga | |
WO2021057221A1 (en) | Method and apparatus for realizing state update based on fpga | |
US20220358208A1 (en) | Systems and methods for enabling accelerator-based secure execution zones | |
Balakrishnan et al. | Non-repudiable disk I/O in untrusted kernels | |
US20060020785A1 (en) | Secure distribution of a video card public key |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| AS | Assignment | Owner name: FACEBOOK, INC., CALIFORNIA. Free format text: ASSIGNMENT OF ASSIGNORS INTEREST; ASSIGNORS: VIJAYRAO, NARSING KRISHNA; PETERSEN, CHRISTIAN MARKUS; REEL/FRAME: 056565/0216. Effective date: 2021-05-13 |
| STPP | Information on status: patent application and granting procedure in general | Free format text: DOCKETED NEW CASE - READY FOR EXAMINATION |
| AS | Assignment | Owner name: META PLATFORMS, INC., CALIFORNIA. Free format text: CHANGE OF NAME; ASSIGNOR: FACEBOOK, INC.; REEL/FRAME: 058685/0901. Effective date: 2021-10-28 |
| STPP | Information on status: patent application and granting procedure in general | Free format text: NON FINAL ACTION MAILED |
| STPP | Information on status: patent application and granting procedure in general | Free format text: RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER |
| STPP | Information on status: patent application and granting procedure in general | Free format text: NOTICE OF ALLOWANCE MAILED -- APPLICATION RECEIVED IN OFFICE OF PUBLICATIONS |
| STCB | Information on status: application discontinuation | Free format text: ABANDONED -- FAILURE TO PAY ISSUE FEE |